Moderate severityNVD Advisory· Published Jul 26, 2024· Updated Aug 2, 2024

CVE-2023-49921

Description

An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessive logging. This issue only affects users that use Watcher and have a Watch defined that uses the search input and additionally have set the search input’s logger to DEBUG or finer, for example using: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch.xpack.watcher.input, org.elasticsearch.xpack.watcher, or wider, since the loggers are hierarchical.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
org.elasticsearch:elasticsearchMaven	< 7.17.16	7.17.16
org.elasticsearch:elasticsearchMaven	>= 8.0.0, < 8.11.2	8.11.2

Affected products

Elastic/Elasticsearchv5
Range: 7.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/advisories/GHSA-2hjr-vmf3-xwvpghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2023-49921ghsaADVISORY
discuss.elastic.co/t/elasticsearch-8-11-2-7-17-16-security-update-esa-2023-29/349179ghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000