Elastic Elastic Agent
4 CVEs affecting Elastic Elastic Agent. Latest disclosed: 2025-05-01. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-6687 | Medium | 6.8 | 2023-12-12 | An issue was discovered by Elastic whereby Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsea… |
CVE-2024-37283 | Medium | 6.5 | 2024-08-12 | An issue was discovered whereby Elastic Agent will leak secrets from the agent policy elastic-agent.yml only when the log level is configured to debug. By defa… |
CVE-2023-31421 | Medium | 5.9 | 2023-10-26 | It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid fo… |
CVE-2024-52976 | Medium | 4.4 | 2025-05-01 | Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via paramet… |