CVE-2023-46668

MEDIUM

Elastic Endpoint <8.10.3 - Info Disclosure

Title source: llm

Description

If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts.

References (2)

Core 2

Core References

Release Notes

https://discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203

Mitigation, Vendor Advisory

https://www.elastic.co/community/security

Scores

CVSS v3 4.6

EPSS 0.0031

EPSS Percentile 54.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-532

Status published

Products (1)

elastic/endpoint 7.9.0 - 8.10.3

Published Oct 26, 2023

Tracked Since Feb 18, 2026