Vulnerabilities

CVE-2019-7615

by Fred · 30/07/2019

A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the ‘server_ca_cert’ setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man in the middle style attack against the Ruby agent.

Date published : 2019-07-30

https://www.elastic.co/community/security/

Similar

Tags: Cybersecurity Alert