CVE-2023-46672
Severity CVSS v4.0:
Pending analysis
Type:
CWE-532
Information Exposure Through Log Files
Publication date:
15/11/2023
Last modified:
13/02/2025
Description
An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances.<br />
<br />
The prerequisites for the manifestation of this issue are:<br />
<br />
* Logstash is configured to log in JSON format https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html , which is not the default logging format.<br />
<br />
<br />
* Sensitive data is stored in the Logstash keystore and referenced as a variable in Logstash configuration.
Impact
Base Score 3.x
8.40
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:elastic:logstash:*:*:*:*:*:*:*:* | 8.10.0 (including) | 8.11.1 (excluding) |
| cpe:2.3:a:elastic:logstash:7.12.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://discuss.elastic.co/t/logstash-8-11-1-security-update-esa-2023-26/347191
- https://security.netapp.com/advisory/ntap-20240125-0002/
- https://security.netapp.com/advisory/ntap-20240229-0001/
- https://www.elastic.co/community/security
- https://discuss.elastic.co/t/logstash-8-11-1-security-update-esa-2023-26/347191
- https://security.netapp.com/advisory/ntap-20240125-0002/
- https://security.netapp.com/advisory/ntap-20240229-0001/
- https://www.elastic.co/community/security