Source |
CVE Liste |
Identifiant |
8400705 |
Date de publication |
2023-10-26 01:15:07 (vue: 2023-10-26 07:09:05) |
Titre |
CVE-2023-46667 |
Texte |
Un problème a été découvert dans Fleet Server> = V8.10.0 et = v8.10.0 and < v8.10.3 where Agent enrolment tokens are being inserted into the Fleet Server’s log file in plain text. These enrolment tokens could allow someone to enrol an agent into an agent policy, and potentially use that to retrieve other secrets in the policy including for Elasticsearch and third-party services. Alternatively a threat actor could potentially enrol agents to the clusters and send arbitrary events to Elasticsearch. |
Envoyé |
Oui |
Condensat |
2023 46667 actor agent agents allow alternatively arbitrary are being clusters could cve discovered elasticsearch enrol enrolment events file fleet including inserted issue log other party plain policy potentially retrieve secrets send server server’s services someone text these third threat tokens use where |
Tags |
Threat
|
Stories |
|
Notes |
|
Move |
|