Apm Agent Ruby Elastic Apm Agent Ruby

stack.watch can email you when security vulnerabilities are reported in Elastic Apm Agent Ruby. You can add multiple products that you use with Apm Agent Ruby to create your own personal software stack watcher.

By the Year

In 2021 there have been 0 vulnerabilities in Elastic Apm Agent Ruby . Apm Agent Ruby did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2021 0 0.00
2020 0 0.00
2019 1 7.40
2018 0 0.00

It may take a day or so for new Apm Agent Ruby vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Elastic Apm Agent Ruby Security Vulnerabilities

A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0

CVE-2019-7615 7.4 - High - July 30, 2019

A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'server_ca_cert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man in the middle style attack against the Ruby agent.

CVE-2019-7615 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is consided to have a high level of attack complexity. It has an exploitability score of 2.2 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.

Improper Certificate Validation