Elastic Agent
CVE-2023-46669
MEDIUM
Severity by source
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
3DescriptionCVE.org
Exposure of sensitive information to local unauthorized actors in Elastic Agent and Elastic Security Endpoint can lead to loss of confidentiality and impersonation of Endpoint to the Elastic Stack. This issue was identified by Elastic engineers and Elastic has no indication that it is known or has been exploited by malicious actors.
AnalysisAI
Exposure of sensitive information to local unauthorized actors in Elastic Agent and Elastic Security Endpoint can lead to loss of confidentiality and impersonation of Endpoint to the Elastic Stack. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.
Technical ContextAI
This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. Exposure of sensitive information to local unauthorized actors in Elastic Agent and Elastic Security Endpoint can lead to loss of confidentiality and impersonation of Endpoint to the Elastic Stack. This issue was identified by Elastic engineers and Elastic has no indication that it is known or has been exploited by malicious actors. Affected products include: Elastic Elastic Agent, Elastic Endpoint Security.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.
More in Elastic Agent
View allIt was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whe
An issue was discovered whereby Elastic Agent will leak secrets from the agent policy elastic-agent.yml only when the lo
An issue was discovered by Elastic whereby Elastic Agent would log a raw event in its own logs at the WARN or ERROR leve
Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attacker
Same weakness CWE-200 – Information Exposure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today