Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-31422— Kibana Insertion of Sensitive Information into Log File

CVSS 9.0 · Critical EPSS 0.40% · P60
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-31422

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Kibana Insertion of Sensitive Information into Log File
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered by Elastic whereby sensitive information is recorded in Kibana logs in the event of an error. The issue impacts only Kibana version 8.10.0 when logging in the JSON layout or when the pattern layout is configured to log the %meta pattern. Elastic has released Kibana 8.10.1 which resolves this issue. The error object recorded in the log contains request information, which can include sensitive data, such as authentication credentials, cookies, authorization headers, query params, request paths, and other metadata. Some examples of sensitive data which can be included in the logs are account credentials for kibana_system, kibana-metricbeat, or Kibana end-users.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
通过日志文件的信息暴露
Source: NVD (National Vulnerability Database)
Vulnerability Title
Elasticsearch 日志信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Elasticsearch是一个基于Lucene库的搜索引擎。 Elasticsearch 存在安全漏洞,该漏洞源于当登录 JSON 布局或模式布局配置为记录 %meta 模式时,敏感信息会记录在 Kibana 日志中。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
ElasticKibana 8.10.0 -

II. Public POCs for CVE-2023-31422

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2023-31422

登录查看更多情报信息。

Same Patch Batch · Elastic · 2023-10-26 · 8 CVEs total

CVE-2023-466678.1 HIGHFleet Server Insertion of Sensitive Information into Log File
CVE-2023-314187.5 HIGHElasticsearch uncontrolled resource consumption
CVE-2023-314196.5 MEDIUMElasticsearch StackOverflow vulnerability
CVE-2023-314215.9 MEDIUMBeats, Elastic Agent, APM Server, and Fleet Server Improper Certificate Validation issue
CVE-2023-466665.3 MEDIUMElastic Sharepoint Online Python Connector Improper Access Control
CVE-2023-314165.3 MEDIUMElastic Cloud on Kubernetes (ECK) secret token configuration issue
CVE-2023-314174.1 MEDIUMElasticsearch Insertion of sensitive information in audit logs

IV. Related Vulnerabilities

Same product: Kibana
Same vendor: Elastic
Same weakness: CWE-532

V. Comments for CVE-2023-31422

No comments yet

Leave a comment