Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Fleet Server Insertion of Sensitive Information into Log File
Vulnerability Description
An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where Agent enrolment tokens are being inserted into the Fleet Server’s log file in plain text. These enrolment tokens could allow someone to enrol an agent into an agent policy, and potentially use that to retrieve other secrets in the policy including for Elasticsearch and third-party services. Alternatively a threat actor could potentially enrol agents to the clusters and send arbitrary events to Elasticsearch.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
通过日志文件的信息暴露
Vulnerability Title
Elasticsearch 日志信息泄露漏洞
Vulnerability Description
Elasticsearch是一个基于Lucene库的搜索引擎。 Elasticsearch 存在安全漏洞,该漏洞源于在部分版本 Fleet Server 中发现了一个问题,其中代理注册令牌以纯文本形式插入到 Fleet Server 的日志文件中。
CVSS Information
N/A
Vulnerability Type
N/A