CVE-2022-23715

A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825	Vendor Advisory
https://www.elastic.co/community/security	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:elastic:elastic_cloud_enterprise:*:*:*:*:*:*:*:*

History

31 Aug 2022, 17:11

Type	Values Removed	Values Added
CWE		CWE-532
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5
CPE		cpe:2.3:a:elastic:elastic_cloud_enterprise::::::::
First Time		Elastic Elastic elastic Cloud Enterprise
References	~~(MISC) https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825 -~~	(MISC) https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825 - Vendor Advisory
References	~~(MISC) https://www.elastic.co/community/security -~~	(MISC) https://www.elastic.co/community/security - Vendor Advisory

25 Aug 2022, 18:46

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-08-25 18:15

Updated : 2023-12-10 14:35

NVD link : CVE-2022-23715

Mitre link : CVE-2022-23715

CVE.ORG link : CVE-2022-23715

JSON object : View

Products Affected

elastic

elastic_cloud_enterprise

CWE

CWE-532

Insertion of Sensitive Information into Log File

{"id": "CVE-2022-23715", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-08-25T18:15:09.760", "references": [{"url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825", "tags": ["Vendor Advisory"], "source": "bressers@elastic.co"}, {"url": "https://www.elastic.co/community/security", "tags": ["Vendor Advisory"], "source": "bressers@elastic.co"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-532"}]}, {"type": "Secondary", "source": "bressers@elastic.co", "description": [{"lang": "en", "value": "CWE-532"}]}], "descriptions": [{"lang": "en", "value": "A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore"}, {"lang": "es", "value": "Se ha detectado un fallo en ECE versiones anteriores a 3.4.0, que podr\u00eda conducir a una divulgaci\u00f3n de informaci\u00f3n confidencial, como las contrase\u00f1as de los usuarios y los valores de configuraci\u00f3n de los almacenes de claves de Elasticsearch, en registros tales como el registro de auditor\u00eda o los registros de despliegue en el cl\u00faster de registro y supervisi\u00f3n. Las APIs afectadas son PATCH /api/v1/user y PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore"}], "lastModified": "2022-08-31T17:11:47.327", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:elastic:elastic_cloud_enterprise:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "913D8307-3AD1-4A5C-9AE4-B50090E43130", "versionEndExcluding": "3.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "bressers@elastic.co"}