Secret token configuration is never applied when using ECK <2.8 with APM Server >=8.0. This could lead to anonymous requests to an APM Server being accepted and the data ingested into this APM deployment.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: elastic
Published: 2023-10-26T18:46:21.531Z
Updated: 2024-09-09T16:16:37.729Z
Reserved: 2023-04-27T18:54:56.704Z
Link: CVE-2023-31416
Vulnrichment
Updated: 2024-08-02T14:53:30.908Z
NVD
Status : Analyzed
Published: 2023-10-26T19:15:45.270
Modified: 2024-07-25T14:21:30.457
Link: CVE-2023-31416
Redhat
No data.