Elastic APM Server leaks document body via failed bulk index logs
CVE-2024-37286 Published on August 3, 2024

APM Server Insertion of Sensitive Information into Log File
APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively logged.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

NONE

Availability Impact:

NONE

Weakness Type

Insertion of Sensitive Information into Log File

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

Products Associated with CVE-2024-37286

Want to know whenever a new CVE is published for Elastic Apm Server? stack.watch will email you.

Elastic Apm Server

Affected Versions

Elastic APM Server Version 8.14.0 is unaffected by CVE-2024-37286

Exploit Probability

EPSS

0.43%

Percentile

62.46%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Elastic APM Server leaks document body via failed bulk index logsCVE-2024-37286 Published on August 3, 2024

Vulnerability Analysis

Weakness Type

Insertion of Sensitive Information into Log File

Products Associated with CVE-2024-37286

Affected Versions

Exploit Probability

Elastic APM Server leaks document body via failed bulk index logs
CVE-2024-37286 Published on August 3, 2024