Document Disclosure Vulnerability in APM Server by Elastic
CVE-2024-11994
5.7 MEDIUM
What is CVE-2024-11994?
A vulnerability in APM Server allows unintended exposure of sensitive information because bulk index requests are handled improperly. When such a request partially fails, fragments of the document body may be written to the error logs, potentially disclosing confidential user data there. This poses a significant risk to organizations relying on APM for monitoring and debugging, as the sensitive information could be accessed by unauthorized users. Users of affected APM Server versions should apply security updates to mitigate the risk of information leakage.
Affected Version(s)
APM Server 8.0.0 < 8.16.1
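The affected range above can be checked across an inventory with a numeric version comparison; the sketch below is an added example, not Elastic's code. Host names and versions in it are constructed, and ignoring build suffixes such as `-SNAPSHOT` is an assumption. Comparing versions as plain strings misclassifies releases such as 8.9.x, because "8.9.2" sorts after "8.16.1" as text.

```python
import re

# Affected range as stated on this page: 8.0.0 <= version < 8.16.1
AFFECTED_MIN = (8, 0, 0)
FIXED_IN = (8, 16, 1)

# Accepts "8.15.3", "v8.15.3", "8.15.3-SNAPSHOT"; the suffix is ignored (assumption).
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:[-+].*)?$")


def parse_version(text):
    """Return (major, minor, patch) as ints, or None if the string is not a version."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    return tuple(int(part) for part in m.groups())


def is_affected(version_text):
    """True if inside the range listed on this page, False if outside, None if unknown."""
    v = parse_version(version_text)
    if v is None:
        return None
    # Tuple comparison is numeric per component, so (8, 9, 2) < (8, 16, 1).
    return AFFECTED_MIN <= v < FIXED_IN


def triage(inventory):
    """Map each host to 'affected', 'not affected' or 'unknown'."""
    labels = {True: "affected", False: "not affected", None: "unknown"}
    return {host: labels[is_affected(ver)] for host, ver in inventory.items()}


# Constructed inventory: hypothetical host names and reported versions.
SAMPLE_INVENTORY = {
    "apm-01": "8.9.2",            # affected; a string comparison would miss it
    "apm-02": "8.16.1",           # first version outside the range
    "apm-03": "8.16.0",
    "apm-04": "7.17.25",          # below the range listed on this page
    "apm-05": "8.15.3-SNAPSHOT",
    "apm-06": "latest",           # unparseable tag: needs manual follow-up
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as "unknown" need their running version confirmed by hand rather than being assumed safe.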