We found results for “”
CVE-2023-49921
Good to know:
Date: December 2, 2023
A flaw was found in Elasticsearch. Watcher search input is logged in the search query results when using the DEBUG log level, which could lead to excessive logging of unnecessary and unauthorized content.This affects Elasticsearch versions on or after 7.0.0 and before 7.17.16 and 8.0.0 and before 8.11.2.
Language: Java
Severity Score
Severity Score
Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | ADJACENT_NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | NONE |
Availability (A): | NONE |