FKIE_CVE-2023-46668

Vulnerability from fkie_nvd - Published: 2023-10-26 00:15 - Updated: 2024-11-21 08:29
Severity ?
4.6 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts.
References
security@elastic.cohttps://discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203Release Notes
security@elastic.cohttps://www.elastic.co/community/securityMitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203Release Notes
af854a3a-2127-422b-91ae-364da2661108https://www.elastic.co/community/securityMitigation, Vendor Advisory
Impacted products
Vendor Product Version
elastic endpoint *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:elastic:endpoint:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "542BBFE6-D7B0-4956-BDFB-F83E3B188F93",
              "versionEndIncluding": "8.10.3",
              "versionStartIncluding": "7.9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts."
    },
    {
      "lang": "es",
      "value": "Si Elastic Endpoint (v7.9.0 - v8.10.3) est\u00e1 configurado para usar una opci\u00f3n no predeterminada en la que el nivel de log est\u00e1 configurado expl\u00edcitamente en debug, y cuando Elastic Agent est\u00e1 configurado simult\u00e1neamente para recopilar y enviar esos registros a Elasticsearch, entonces las claves de API del Agente Elastic se pueden ver en Elasticsearch en texto plano. Estas claves API podr\u00edan usarse para escribir datos arbitrarios y leer artefactos de usuario de Elastic Endpoint."
    }
  ],
  "id": "CVE-2023-46668",
  "lastModified": "2024-11-21T08:29:01.693",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 2.5,
        "source": "security@elastic.co",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-10-26T00:15:12.150",
  "references": [
    {
      "source": "security@elastic.co",
      "tags": [
        "Release Notes"
      ],
      "url": "https://discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203"
    },
    {
      "source": "security@elastic.co",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://www.elastic.co/community/security"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "https://discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://www.elastic.co/community/security"
    }
  ],
  "sourceIdentifier": "security@elastic.co",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-532"
        }
      ],
      "source": "security@elastic.co",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-532"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.