Prassan10

#31328 of 53,630
8.2 Total CVSS
Vulnerabilities · 1
PT-2025-41008
8.2
2025-10-07
Cubepm · Cubepm · CVE-2025-57564
**Name of the Vulnerable Software and Affected Versions**

CubeAPM version nightly-2025-08-01-1

**Description**

The software allows unauthenticated attackers to inject arbitrary log entries into production systems. This is possible through the `/api/logs/insert/elasticsearch/_bulk` API endpoint, which accepts bulk log data without authentication or input validation. Successful exploitation may result in false log entries, log poisoning, alert obfuscation, and potential performance degradation of the observability pipeline. The issue affects the core platform and is not limited to specific deployment configurations.

**Recommendations**

Apply authentication to the `/api/logs/insert/elasticsearch/_bulk` API endpoint.

Implement input validation for data received by the `/api/logs/insert/elasticsearch/_bulk` API endpoint.