Vulnerabilities > Elastic > APM Server > 7.4.0

DATE CVE VULNERABILITY TITLE RISK
2024-08-03 CVE-2024-37286 Information Exposure Through Log Files vulnerability in Elastic APM Server
APM server logs contain document body from a partially failed bulk index request.
network
low complexity
elastic CWE-532
6.5
6.5
2024-02-07 CVE-2024-23448 Information Exposure Through Log Files vulnerability in Elastic APM Server
An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document.
network
low complexity
elastic CWE-532
7.5
7.5