cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-37286,https://securityvulnerability.io/vulnerability/CVE-2024-37286,Logging of Document Bodies in Elastic APM Server,"APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively logged.",Elastic,Apm Server,6.5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-08-03T16:15:00.000Z,0
CVE-2024-23448,https://securityvulnerability.io/vulnerability/CVE-2024-23448,APM Server Logs Vulnerable to Sensitive Information Injection,"A security vulnerability exists in Elastic's APM Server that allows sensitive information to be captured in server logs. When an attempt to index a document fails in Elasticsearch, the APM Server logs the error response at an ERROR level, which may inadvertently include portions of the original document. This creates a potential risk of exposing private data through log files, especially if the documents being ingested contain sensitive information. Proper logging practices and sanitization of logs are recommended to mitigate risks associated with this issue.",Elastic,APM Server,7.5,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2024-02-07T21:37:45.908Z,0
CVE-2023-31421,https://securityvulnerability.io/vulnerability/CVE-2023-31421,"Beats, Elastic Agent, APM Server, and Fleet Server Improper Certificate Validation issue","A vulnerability has been identified in which Beats, Elastic Agent, APM Server, and Fleet Server do not adequately verify server certificates when connecting to target IP addresses. While the signature of the certificate is checked, the validation process fails to confirm the server certificate's IP Subject Alternative Name (SAN) values against the actual IP being targeted. This lapse means that if configured to connect via an IP address instead of a hostname, the expected security checks are bypassed, potentially allowing unauthorized access.",Elastic,"Beats,Elastic Agent,APM Server,Fleet Server",7.5,HIGH,0.0009599999757483602,false,,false,false,false,,,false,false,,2023-10-26T04:15:00.000Z,0