CVE-2023-31417

CVSS V2 None CVSS V3 None

Description

Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information such as passwords and tokens might be printed in cleartext in Elasticsearch audit logs. Note that audit logging is disabled by default and needs to be explicitly enabled and even when audit logging is enabled, request bodies that could contain sensitive information are not printed to the audit log unless explicitly configured.

Overview

CVE ID
CVE-2023-31417

Assigner
elastic

Vulnerability Status
PUBLISHED

Published Version
2023-10-26T17:47:37.065Z

Last Modified Date
2023-10-26T17:47:37.065Z

Weakness Enumerations

CWE	URL
CWE-532	http://cwe.mitre.org/data/definitions/532.html

References

Reference URL	Reference Tags
https://discuss.elastic.co/t/elasticsearch-8-9-2-and-7-17-13-security-update/342479
https://www.elastic.co/community/security
https://security.netapp.com/advisory/ntap-20231130-0006/

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-31417
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31417

History

Created	Old Value	New Value	Data Type	Notes
2024-06-24 21:34:55				Added to TrackCVE