github.com/elastic/beats is vulnerable to Information Disclosure. A local authenticated attacker is able to gain access to http request authorization or proxy-authorization header contents through leaked logs due to a flaw in httpjson
input when debug logging is enabled, resulting in disclosure of sensitive information.
discuss.elastic.co/t/elastic-stack-8-7-0-7-17-10-security-updates/332327
github.com/elastic/beats/commit/022d2b01e500bedbd6216da734b6e4e43ec22f14
github.com/elastic/beats/commit/d10469e033f9dabf6fef27bdb6a3a7ca1e1a5177
github.com/elastic/beats/pull/33610
github.com/elastic/beats/pull/34743
www.elastic.co/community/security/