Vulnerability Details CVE-2024-37283
An issue was discovered whereby Elastic Agent will leak secrets from the agent policy elastic-agent.yml only when the log level is configured to debug. By default the log level is set to info, where no leak occurs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.6%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2024-37283
-
cpe:2.3:a:elastic:elastic_agent:8.6.0
-
cpe:2.3:a:elastic:elastic_agent:8.9.2