CVE-2024-23448

Name of the Vulnerable Software and Affected Versions Elastic APM Server versions prior to 8.12.1

Description An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed, and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this could lead to the insertion of sensitive or private information in the APM Server logs. This could allow an attacker to impact the confidentiality of protected information through log files.

Recommendations For Elastic APM Server versions prior to 8.12.1, update to version 8.12.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the log files to minimize the risk of exploitation. Avoid using the APM Server to ingest sensitive documents until the issue is resolved.