PT-2023-8930 · Elastic · Kibana

Published 2023-12-12 · Updated 2024-01-10 · CVE-2023-46675

CVSS v3.1: 8.0 (High)
Vector: AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Kibana versions prior to 8.11.2

Description: An issue was discovered whereby sensitive information may be recorded in Kibana logs in the event of an error or when debug-level logging is enabled. The messages recorded in the log may contain: account credentials for the kibana system user, API keys, and credentials of Kibana end users; Elastic Security package policy objects, which can contain private keys, bearer tokens, and sessions of third-party integrations; and Authorization headers, client secrets, local file paths, and stack traces. The issue may occur in any Kibana instance running an affected version that could receive an unexpected error when communicating with Elasticsearch, causing it to include sensitive data in Kibana error logs. It may also occur under specific circumstances when debug-level logging is enabled in Kibana.

Recommendations: For Kibana versions prior to 8.11.2, update to Kibana 8.11.2 to resolve the issue. As a temporary workaround, consider disabling debug-level logging in Kibana to minimize the risk of sensitive information being recorded in logs. Restrict access to Kibana logs to authorized personnel only. Avoid using sensitive information in Kibana until the issue is resolved.
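The workaround above (turning off debug-level logging) is a change to Kibana's logging configuration in kibana.yml. The following script is an added illustration, not part of this advisory and not Elastic's tooling: it scans a kibana.yml for any logger set to a verbose level (debug, trace or all) so the setting can be verified before and after the change. The two kibana.yml excerpts are constructed for the example; logging.root.level and logging.loggers are Kibana's own 8.x logging settings, but the line-oriented scan is a simplification that assumes one key per line (nested or dotted form for the root logger) rather than a full YAML parser.

```python
import re
from typing import List, Tuple

# Constructed kibana.yml excerpt with the weak setting: verbose logging on.
# The keys (logging.root.level, logging.loggers[].name/level) are real
# Kibana 8.x logging keys; the file content itself is made up for this example.
VERBOSE_KIBANA_YML = """\
server.port: 5601
logging:
  root:
    level: debug
  loggers:
    - name: elasticsearch.query
      level: trace
    - name: plugins.security
      level: info
"""

# The same excerpt with the workaround applied: root and every named logger
# at info or quieter. Kibana's default root level is info.
HARDENED_KIBANA_YML = """\
server.port: 5601
logging:
  root:
    level: info
  loggers:
    - name: elasticsearch.query
      level: warn
    - name: plugins.security
      level: info
"""

# Levels at which Kibana emits request/response detail; these are the ones
# the workaround says to avoid. 'all' is the most verbose setting.
VERBOSE_LEVELS = {"all", "trace", "debug"}

# "level: <value>" as a nested key, or "logging.root.level: <value>" in the
# flat dotted form. Quotes and trailing comments are tolerated.
LEVEL_RE = re.compile(
    r"^\s*(logging\.root\.)?level:\s*['\"]?([A-Za-z]+)['\"]?\s*(#.*)?$"
)
# "- name: <logger>" entries under logging.loggers.
NAME_RE = re.compile(r"^\s*-?\s*name:\s*['\"]?([^'\"#]+?)['\"]?\s*(#.*)?$")


def find_verbose_loggers(yaml_text: str) -> List[Tuple[int, str, str]]:
    """Return (line_number, logger_name, level) for every logger set to a
    verbose level. Assumes the conventional layout shown above: one key per
    line, with each logger's 'name:' preceding its 'level:'. A 'level:' seen
    before any 'name:' is treated as the root logger's level.
    """
    findings = []
    current_name = "root"
    for lineno, line in enumerate(yaml_text.splitlines(), start=1):
        m = NAME_RE.match(line)
        if m:
            current_name = m.group(1).strip()
            continue
        m = LEVEL_RE.match(line)
        if m and m.group(2).lower() in VERBOSE_LEVELS:
            name = "root" if m.group(1) else current_name
            findings.append((lineno, name, m.group(2).lower()))
    return findings


def is_workaround_applied(yaml_text: str) -> bool:
    """True when no logger in the configuration is set to a verbose level."""
    return not find_verbose_loggers(yaml_text)


if __name__ == "__main__":
    for label, text in (("verbose", VERBOSE_KIBANA_YML),
                        ("hardened", HARDENED_KIBANA_YML)):
        hits = find_verbose_loggers(text)
        print(f"{label}: workaround applied = {is_workaround_applied(text)}")
        for lineno, name, level in hits:
            print(f"  line {lineno}: logger '{name}' at level '{level}'")
```

Run against a real kibana.yml by reading the file into a string and passing it to find_verbose_loggers; a non-empty result means some logger would still record at debug or finer detail. The check covers only the static file, so a level raised at runtime through other means is not seen by it.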

Fix

Weakness Enumeration
Insertion into Log File

Related Identifiers
BDU:2024-02664
CVE-2023-46675

Affected Products
Kibana