{"id":"BIT-logstash-2023-46672","summary":"Logstash Insertion of Sensitive Information into Log File","details":"An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances.\n\nThe prerequisites for the manifestation of this issue are:\n\n  *  Logstash  is configured to log in JSON format https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html , which is not the default logging format.\n\n\n  *  Sensitive data is stored in the Logstash keystore and referenced as a variable in Logstash configuration.","aliases":["CVE-2023-46672"],"modified":"2025-05-20T10:02:07.006Z","published":"2024-03-06T10:55:19.003Z","database_specific":{"severity":"Medium","cpes":["cpe:2.3:a:elastic:logstash:*:*:*:*:*:*:*:*","cpe:2.3:a:elastic:logstash:7.12.1:*:*:*:*:*:*:*"]},"references":[{"type":"WEB","url":"https://discuss.elastic.co/t/logstash-8-11-1-security-update-esa-2023-26/347191"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20240125-0002/"},{"type":"WEB","url":"https://www.elastic.co/community/security"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20240229-0001/"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-46672"}],"affected":[{"package":{"name":"logstash","ecosystem":"Bitnami","purl":"pkg:bitnami/logstash"},"ranges":[{"type":"SEMVER","events":[{"introduced":"7.12.1"},{"fixed":"7.12.2"},{"introduced":"8.10.0"},{"fixed":"8.11.1"}]}],"database_specific":{"source":"https://github.com/bitnami/vulndb/tree/main/data/logstash/BIT-logstash-2023-46672.json"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}],"schema_version":"1.7.3"}