2023-05-04 23:55:27 +02:00
{
"id" : "CVE-2023-31413" ,
"sourceIdentifier" : "bressers@elastic.co" ,
"published" : "2023-05-04T21:15:11.640" ,
2023-05-05 16:00:27 +02:00
"lastModified" : "2023-05-05T13:33:53.507" ,
"vulnStatus" : "Awaiting Analysis" ,
2023-05-04 23:55:27 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled."
}
] ,
"metrics" : { } ,
"weaknesses" : [
{
"source" : "bressers@elastic.co" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-200"
}
]
}
] ,
"references" : [
{
"url" : "https://discuss.elastic.co/t/elastic-stack-8-7-0-7-17-10-security-updates/332327" ,
"source" : "bressers@elastic.co"
} ,
{
"url" : "https://www.elastic.co/community/security/" ,
"source" : "bressers@elastic.co"
}
]
}
