31Tem
CVE-2024-23444 | Elastic Elasticsearch up to 7.17.22/8.12.x Elasticsearch-certutil CLI Tool pass cleartext storage in a file or on disk
A vulnerability has been found in Elastic Elasticsearch up to 7.17.22/8.12.x and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Elasticsearch-certutil CLI Tool. The manipulation of the argument pass leads to cleartext storage in a file or on disk. This vulnerability is known as CVE-2024-23444. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.