CVE-2023-31413

CVE-2023-31413

Vendor Elastic

Product Filebeat

Weakness CWE-200 · Info exposure

Published May 4, 2023

Last update January 29, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled.

Key dates

02Disclosure timeline

May 4, 2023 CVE published

January 29, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-31413 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

01Description

02Disclosure timeline

03References

04Related CVE