Vulnerability in Elastic Apm Server
CVE-2023-31421
It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid for the target IP address; however, certificate signature validation is still perf…
Vulnerability class: Improper Certificate Validation
EPSS: 0.003 (18.6th percentile)
CVSS v3 metric
CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Elastic Apm Server — versions 8.0.0, 8.9.2
- Elastic Apm_server
- Elastic Beats — versions 8.0.0, 8.9.2
- Elastic Agent — versions 8.0.0, 8.9.2
- Elastic Elastic_agent
- Elastic Elastic_beats
- Elastic Elastic_fleet_server
- Elastic Fleet Server — versions 8.0.0, 8.9.2
Weakness classification (CWE)
References
- security@elastic.co (Vendor Advisory)
Frequently asked questions
- What is CVE-2023-31421?
- CVE-2023-31421 is a medium-severity vulnerability in Elastic Apm Server, classified under Improper Certificate Validation. CVSS score: 5.9/10. Published 2023-10-26.
- How severe is CVE-2023-31421?
- Medium severity. CVSS v3 base score is 5.9 out of 10.