CVE-2023-31421

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 26, 2023

Updated: Feb 15, 2024

CWE ID 295

Summary

CVE-2023-31421 is a vulnerability affecting Beats, Elastic Agent, APM Server, and Fleet Server when used as TLS clients. These applications fail to validate the server certificate's IP address against the target IP address during the validation process. As a result, even though certificate signature validation is performed, connections are not blocked as expected when the IP addresses do not match. This issue could potentially lead to man-in-the-middle attacks and unintended data exposure.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Elastic Beats
Elastic Fleet Server

Affected Vendors

Elastic

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/svXVGS
https://www.cve.org/CVERecord?id=CVE-2023-31421
https://nvd.nist.gov/vuln/detail/CVE-2023-31421

Back to Vulnerability Database