Every CVE whose affected-product data names Elastic Elastic Agent, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-6687 — CVSS 6.8 (medium): An issue was discovered by Elastic whereby Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that…
CVE-2024-37283 — CVSS 6.5 (medium): An issue was discovered whereby Elastic Agent will leak secrets from the agent policy elastic-agent.yml only when the log level is…
CVE-2023-46669 — CVSS 6.2 (medium): Exposure of sensitive information to local unauthorized actors in Elastic Agent and Elastic Security Endpoint can lead to loss of…
CVE-2023-31421 — CVSS 5.9 (medium): It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server…
CVE-2024-52976 — CVSS 4.4 (medium): Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute…