Logstash Insertion of Sensitive Information into Log File
CVE-2023-46672

5.5MEDIUM

Key Information:

Vendor: Elastic
Status: Logstash
Vendor: CVE Published:; 15 November 2023

Summary

An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances.

The prerequisites for the manifestation of this issue are:

Logstash is configured to log in JSON format https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html , which is not the default logging format.
Sensitive data is stored in the Logstash keystore and referenced as a variable in Logstash configuration.

Affected Version(s)

Logstash 8.10.0 < 8.11.1

References

https://discuss.elastic.co/t/logstash-8-11-1-security-upd...

https://www.elastic.co/community/security

https://security.netapp.com/advisory/ntap-20240125-0002/

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 15, 2023
Vulnerability Reserved
Oct 24, 2023

.