Elastic Apm_server
4 CVEs affecting Elastic Apm_server. Latest disclosed: 2024-08-03. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-31421 | Medium | 5.9 | 2023-10-26 | It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid fo… |
CVE-2024-37286 | Medium | 5.7 | 2024-08-03 | APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document… |
CVE-2024-23448 | Medium | 5.7 | 2024-02-07 | An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that respon… |
CVE-2023-31416 | Medium | 5.3 | 2023-10-26 | Secret token configuration is never applied when using ECK <2.8 with APM Server >=8.0. This could lead to anonymous requests to an APM Server being accepted an… |