Vulnerability Details CVE-2024-37283
An issue was discovered whereby Elastic Agent will leak secrets from the agent policy elastic-agent.yml only when the log level is configured to debug. By default the log level is set to info, where no leak occurs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.6%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2024-37283
-
cpe:2.3:a:elastic:elastic_agent:8.6.0
-
cpe:2.3:a:elastic:elastic_agent:8.9.2