CVE-2023-43784
Homebrew vulnerability analysis and mitigation

Overview

Plesk Onyx 17.8.11 contains exposed accessKeyId and secretAccessKey fields related to an Amazon AWS Firehose component. This vulnerability was discovered in September 2023 and has been assigned CVE-2023-43784. While the vendor disputes any security implications, the vulnerability has received a CVSS v3.1 base score of 7.5 (HIGH) (NVD).

Technical details

The vulnerability involves the exposure of AWS credentials (accessKeyId and secretAccessKey) in the Firehose component configuration of Plesk Onyx 17.8.11. These credentials are visible in public-facing files related to the AWS Firehose streaming service configuration. The vulnerability has been classified under CWE-668 (Exposure of Resource to Wrong Sphere) and received a CVSS v3.1 vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, indicating a network attack vector with no privileges or user interaction required and a high confidentiality impact (NVD).

Impact

The exposure of AWS credentials could potentially allow unauthorized access to AWS services configured with these credentials. However, according to Plesk's official response, the specific usage case of these visible keys poses no security threat (Plesk Forum).

Mitigation and workarounds

While no official patch has been released due to the vendor's position that this is not a security threat, organizations can implement additional security measures such as restricting access to the configuration files or implementing network-level controls. For AWS credentials security best practices, refer to AWS's security credentials documentation (AWS Docs).
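One defender-side check for the exposure class described above, added here as an example and not taken from the advisory, Plesk or Wiz: scan a web root for files that carry AWS accessKeyId / secretAccessKey values, so an exposed configuration file is found before an attacker finds it. The file suffixes scanned and the sample values are assumptions; the key shapes (AKIA/ASIA prefix, 20-character key ID, 40-character secret) are AWS's documented formats.

```python
"""Scan web-served files for exposed AWS credential fields.

Added example for the credential-exposure class in this advisory; the file
suffixes and sample inputs are constructed for the demonstration.
"""
import re
import sys
from pathlib import Path

# AWS access key IDs are 20 uppercase alphanumerics starting with a known
# prefix (AKIA for long-lived user keys, ASIA for temporary STS keys).
ACCESS_KEY_RE = re.compile(r"\b(?:AKIA|ASIA)[A-Z0-9]{16}\b")
# Secret access keys are 40 characters of base64-like text; match only when
# the value is labelled as secretAccessKey, to keep false positives down.
SECRET_KEY_RE = re.compile(
    r"secretAccessKey[\"']?\s*[:=]\s*[\"']?([A-Za-z0-9/+=]{40})", re.IGNORECASE
)


def mask(value: str) -> str:
    """Keep only the first 4 characters so a report never re-leaks the secret."""
    return value[:4] + "*" * (len(value) - 4)


def find_exposed_credentials(text: str):
    """Return a list of (field, masked_value) findings for one file's content."""
    findings = []
    for m in ACCESS_KEY_RE.finditer(text):
        findings.append(("accessKeyId", mask(m.group(0))))
    for m in SECRET_KEY_RE.finditer(text):
        findings.append(("secretAccessKey", mask(m.group(1))))
    return findings


def scan_tree(root: Path, suffixes=(".js", ".json", ".php", ".conf", ".html")):
    """Walk a web root and map each offending file to its findings."""
    report = {}
    for path in root.rglob("*"):
        if path.is_file() and path.suffix in suffixes:
            hits = find_exposed_credentials(path.read_text(errors="ignore"))
            if hits:
                report[str(path.relative_to(root))] = hits
    return report


if __name__ == "__main__":
    # Usage: python scan_aws_keys.py /path/to/web/root
    for file, hits in scan_tree(Path(sys.argv[1])).items():
        print(file, hits)
```

Any hit means the file needs to be moved out of the document root or blocked at the web server, and the key pair rotated in IAM.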

Community reactions

The security community has expressed concerns about the exposure of AWS credentials, leading multiple security researchers to report this issue. Some organizations have implemented workarounds such as denying access by customizing the Plesk URL and restricting access to VPN-only connections (Plesk Forum).

This report was generated using AI.
