An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances.The prerequisites for the manifestation of this issue are: * Logstash is configured to log in JSON format https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html , which is not the default logging format. * Sensitive data is stored in the Logstash keystore and referenced as a variable in Logstash configuration.
{ "cpes": [ "cpe:2.3:a:elastic:logstash:*:*:*:*:*:*:*:*", "cpe:2.3:a:elastic:logstash:7.12.1:*:*:*:*:*:*:*" ], "severity": "High" }