216.73.217.50

CVE-2023-46669

· Published 01/05/2025 13:15 · Modified 01/05/2025 13:15

Labels: CVE-2023-46669 2025-05-01CVE-2023-46669CWE-200[email protected]

Essential information

Published
01/05/2025 13:15
Modified
01/05/2025 13:15
Author
Creator
CVSS
6.2 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS metrics

Description

Exposure of sensitive information to local unauthorized actors in Elastic Agent and Elastic Security Endpoint can lead to loss of confidentiality and impersonation of Endpoint to the Elastic Stack. This issue was identified by Elastic engineers and Elastic has no indication that it is known or has been exploited by malicious actors.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
elastic / elastic agent cpe:2.3:a:elastic:elastic_agent:*:*:*:*:*:*:*:*
elastic / elastic security endpoint cpe:2.3:a:elastic:elastic_security_endpoint:*:*:*:*:*:*:*:*

References