Elasticsearch Repository-Azure Plugin Vulnerability: Inadvertent Logging of Azure Credentials
CVE-2018-3827 · HIGH Severity
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticsearch-cloud-azure) plugin. When the repository-azure plugin is set to log at TRACE level Azure credentials can be inadvertently logged.
Learn more about our Azure Audit.