Filtered by vendor Elastic Subscriptions
Filtered by product Apm-agent-ruby Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-7615 1 Elastic 1 Apm-agent-ruby 2023-03-03 7.4 High
A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'server_ca_cert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man in the middle style attack against the Ruby agent.