Main Vulnerability Database SB2024112711

SB2024112711 - IBM Security SOAR update for Elastic Elasticsearch

Published: November 27, 2024

Security Bulletin ID SB2024112711

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Cleartext storage of sensitive information (CVE-ID: CVE-2024-23444)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists within the new Certificate Signing Requests when elasticsearch-certutil CLI tool is used with the csr option in order to create a new request. The associated private key that is generated is stored on disk unencrypted even if the --pass parameter is passed in the command invocation. A local user with access to the system can obtain the key.

Remediation

Install update from vendor's website.

References

https://www.ibm.com/support/pages/node/7176609