A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.
References
Link | Resource |
---|---|
https://discuss.elastic.co/t/elastic-cloud-enterprise-3-1-1-security-update/315317 | Release Notes Vendor Advisory |
https://www.elastic.co/community/security/ | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: elastic
Published: 2022-09-28T19:34:00
Updated: 2022-09-28T19:34:00
Reserved: 2022-01-19T00:00:00
Link: CVE-2022-23716
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-09-28T20:15:11.307
Modified: 2022-09-30T18:14:44.783
Link: CVE-2022-23716
JSON object: View
Redhat Information
No data.
CWE