📦

apm-agent-ruby

Vendor: elastic

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 0.12% Exploit Prob.

Latest CVE CVE-2019-7615 Jul 30

Security Vulnerability Index

Page 1 / 1

7.4 CVSS

CVE-2019-7615

A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'server_ca_cert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man in the middle style attack against the Ruby agent.

EPSS: 0.12%

Severity: HIGH

Jul 30, 2019

Displaying 1 of 1 Total Entries

Total 1 Sections