CVE-2024-52975: Fleet Server sensitive information exposure via logs
First published: Thu Jan 23 2025(Updated: )
An issue was identified in Fleet Server where Fleet policies that could contain sensitive information were logged on INFO and ERROR log levels. The nature of the sensitive information largely depends on the integrations enabled.
Credit: bressers@elastic.co
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Elastic Elastic Fleet Server |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-52975?
CVE-2024-52975 is classified as a moderate severity vulnerability due to the potential exposure of sensitive information in logs.
How do I fix CVE-2024-52975?
To remediate CVE-2024-52975, you should update to the latest version of Elastic Fleet Server that addresses this logging issue.
What information is affected by CVE-2024-52975?
CVE-2024-52975 can log sensitive information based on the specific integrations enabled in Fleet Server.
Who is affected by CVE-2024-52975?
Users of Elastic Fleet Server, especially those with enabled integrations that handle sensitive data, are affected by CVE-2024-52975.
When was CVE-2024-52975 reported?
CVE-2024-52975 was reported in 2024 and highlights a potential security flaw in the logging mechanism of Elastic Fleet Server.
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/event
- agent/author
- agent/severity
- agent/source
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/elastic
- canonical/elastic elastic fleet server