A critical vulnerability in Elastic’s Fleet Server, identified as CVE-2024-52975, was discovered on January 23, 2025. This vulnerability affects Fleet Server versions 8.13.0 through 8.15.0 and poses a severe risk of sensitive information exposure.
Elastic has published a security notice on their website indicating that a problem was discovered in Fleet Server. This issue pertains to Fleet policies that may include sensitive information being recorded at the INFO and ERROR log levels. The specific type of sensitive information involved is primarily determined by the integrations that are activated. The flaw has been classified as CWE-200: Exposure of Sensitive Information to an Unauthorized Actor and carries a CVSS v3.1 score of 9.0, indicating its severity.
To mitigate the risks associated with this vulnerability, users are strongly advised to upgrade to Fleet Server version 8.15.0 or later, review existing logs for potential exposure, restrict access to Fleet Server from untrusted networks, and enhance monitoring to detect suspicious activity.
#CyTech #CyTechNewsRoom #Cybersecurity #CISO #CISOWorkplace #RiskManagement #VulnerabilityAssessment #Elastic #Vulnerability
Leave a Reply