First published: Wed Nov 15 2023
An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances. The prerequisites for the manifestation of this issue are:

* Logstash is configured to [log in JSON format](https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html), which is not the default logging format.
* Sensitive data is stored in the Logstash keystore and referenced as a variable in Logstash configuration.

Credit: bressers@elastic.co

| Affected Software | Affected Version | How to fix |
|---|---|---|
| Elastic Logstash | >=8.10.0 <8.11.1 | |
| Elastic Logstash | =7.12.1 | |
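
The following exposure check is an added example, not code from Elastic or from this page. It combines the affected versions in the table with the two prerequisites above; the function names, sample settings, sample pipeline and keystore key names are all assumptions made for illustration.

```python
import re

# Affected versions exactly as listed in the table on this page.
AFFECTED_RANGE = ((8, 10, 0), (8, 11, 1))  # >=8.10.0 <8.11.1
AFFECTED_EXACT = {(7, 12, 1)}              # =7.12.1
VAR_REF = re.compile(r"\$\{([A-Za-z_][A-Za-z0-9_.]*)(?::[^}]*)?\}")

def version_affected(text):
    """True if a version string such as '8.10.4' is in the affected set."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    v = tuple(int(g) for g in m.groups())
    return v in AFFECTED_EXACT or AFFECTED_RANGE[0] <= v < AFFECTED_RANGE[1]

def json_logging_enabled(settings_yml="", cli_args=()):
    """True if JSON logging is selected in logstash.yml or on the command line.
    Only the flat 'log.format: json' spelling is recognised (a simplification)."""
    in_file = re.search(r"""^\s*log\.format\s*:\s*["']?json\b""",
                        settings_yml, re.M | re.I)
    on_cli = re.search(r"--log\.format[= ]json\b", " ".join(cli_args), re.I)
    return bool(in_file or on_cli)

def keystore_refs(pipeline_conf, keystore_keys):
    """Keystore keys referenced as ${KEY} or ${KEY:default} in a pipeline config."""
    found = {m.group(1) for m in VAR_REF.finditer(pipeline_conf)}
    return sorted(found & set(keystore_keys))

def assess(version, settings_yml, pipeline_conf, keystore_keys, cli_args=()):
    """Combine the version check with both prerequisites from the advisory."""
    report = {
        "version_affected": version_affected(version),
        "json_logging": json_logging_enabled(settings_yml, cli_args),
        "keystore_refs": keystore_refs(pipeline_conf, keystore_keys),
    }
    report["exposed"] = bool(report["version_affected"] and report["json_logging"]
                             and report["keystore_refs"])
    return report

# Constructed sample inputs (not taken from any real deployment).
SAMPLE_SETTINGS = "path.logs: /var/log/logstash\nlog.format: json\n"
SAMPLE_PIPELINE = ('output { elasticsearch { user => "${ES_USER:logstash}" '
                   'password => "${ES_PWD}" } }')
SAMPLE_KEYS = ["ES_PWD"]  # key names, e.g. as printed by bin/logstash-keystore list

if __name__ == "__main__":
    print(assess("8.10.4", SAMPLE_SETTINGS, SAMPLE_PIPELINE, SAMPLE_KEYS))
```

If `exposed` is true for a host, treat the keystore values named in `keystore_refs` as potentially present in its existing JSON logs when planning rotation and log cleanup.
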
CVE-2023-46672 is a vulnerability that allows sensitive information to be recorded in Logstash logs under specific circumstances.
CVE-2023-46672 has a severity rating of 8.4 out of 10 (high).
Elastic Logstash versions between 8.10.0 and 8.11.1, and version 7.12.1, are affected by CVE-2023-46672.
Upgrade Elastic Logstash to a version beyond 8.11.1 or apply the security update for Logstash 8.11.1.
You can find more information about CVE-2023-46672 at the following references: [Logstash 8.11.1 Security Update (ESA-2023-26)](https://discuss.elastic.co/t/logstash-8-11-1-security-update-esa-2023-26/347191), [Elastic community security page](https://www.elastic.co/community/security).