Vulnerabilities > Elastic > APM Agent > High

DATE CVE VULNERABILITY TITLE RISK
2021-12-08 CVE-2021-37941 Improper Privilege Management vulnerability in Elastic APM Agent
A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent.
local
low complexity
elastic CWE-269
7.8
2019-08-22 CVE-2019-7617 Improper Input Validation vulnerability in Elastic APM Agent
When the Elastic APM agent for Python versions before 5.1.0 is run as a CGI script, there is a variable name clash flaw if a remote attacker can control the proxy header.
network
low complexity
elastic CWE-20
7.2