Elastic Fleet Server
3 CVEs affecting Elastic Fleet Server. Latest disclosed: 2025-01-23. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-52975 | Critical | 9.0 | 2025-01-23 | An issue was identified in Fleet Server where Fleet policies that could contain sensitive information were logged on INFO and ERROR log levels. The nature of t… |
CVE-2023-46667 | High | 8.1 | 2023-10-26 | An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where Agent enrolment tokens are being inserted into the Fleet Server’s log file in plain text… |
CVE-2023-31421 | Medium | 5.9 | 2023-10-26 | It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid fo… |