All the vulnerabilites related to elastic - elasticsearch
Vulnerability from fkie_nvd
Published
2021-01-14 20:15
Modified
2024-11-21 05:49
Severity ?
Summary
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in the cluster. This issue is fixed in Elasticsearch 7.10.2
References
| ▼ | URL | Tags | |
|---|---|---|---|
| bressers@elastic.co | https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164 | Release Notes, Vendor Advisory | |
| bressers@elastic.co | https://security.netapp.com/advisory/ntap-20210219-0004/ | Third Party Advisory | |
| bressers@elastic.co | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210219-0004/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| oracle | communications_cloud_native_core_automated_test_suite | 1.8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1F6EA5-5747-4DB0-BD17-148468730A3F",
"versionEndExcluding": "7.10.2",
"versionStartIncluding": "7.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "98FB24DB-AF91-48D0-9CA5-C8250D183FD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in the cluster. This issue is fixed in Elasticsearch 7.10.2"
},
{
"lang": "es",
"value": "Elasticsearch versiones 7.7.0 hasta 7.10.1, contienen un fallo de divulgaci\u00f3n de informaci\u00f3n en la API de b\u00fasqueda as\u00edncrona.\u0026#xa0;Los usuarios que ejecutan una b\u00fasqueda as\u00edncrona almacenar\u00e1n inapropiadamente los encabezados HTTP.\u0026#xa0;Un usuario de Elasticsearch con la capacidad de leer el \u00edndice .tasks podr\u00eda obtener encabezados de petici\u00f3n confidenciales de otros usuarios en el cl\u00faster.\u0026#xa0;Este problema es corregido en Elasticsearch versi\u00f3n 7.10.2"
}
],
"id": "CVE-2021-22132",
"lastModified": "2024-11-21T05:49:34.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-14T20:15:13.407",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210219-0004/"
},
{
"source": "bressers@elastic.co",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210219-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-08 21:15
Modified
2024-11-21 05:49
Severity ?
Summary
A document disclosure flaw was found in Elasticsearch versions after 7.6.0 and before 7.11.0 when Document or Field Level Security is used. Get requests do not properly apply security permissions when executing a query against a recently updated document. This affects documents that have been updated and not yet refreshed in the index. This could result in the search disclosing the existence of documents and fields the attacker should not be able to view.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| bressers@elastic.co | https://discuss.elastic.co/t/elastic-stack-7-11-0-security-update/265835 | Release Notes, Vendor Advisory | |
| bressers@elastic.co | https://security.netapp.com/advisory/ntap-20210430-0006/ | Third Party Advisory | |
| bressers@elastic.co | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://discuss.elastic.co/t/elastic-stack-7-11-0-security-update/265835 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210430-0006/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| oracle | communications_cloud_native_core_automated_test_suite | 1.8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D35D9FE-317D-4C53-8E39-4EFCCC2ABC05",
"versionEndIncluding": "7.11.0",
"versionStartIncluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "98FB24DB-AF91-48D0-9CA5-C8250D183FD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A document disclosure flaw was found in Elasticsearch versions after 7.6.0 and before 7.11.0 when Document or Field Level Security is used. Get requests do not properly apply security permissions when executing a query against a recently updated document. This affects documents that have been updated and not yet refreshed in the index. This could result in the search disclosing the existence of documents and fields the attacker should not be able to view."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un fallo en una divulgaci\u00f3n de documentos en Elasticsearch versiones posteriores a 7.6.0 y versiones anteriores a 7.11.0, cuando es usada el Nivel de Seguridad de Documento o Campo.\u0026#xa0;Las peticiones Get no aplican apropiadamente unos permisos de seguridad cuando se ejecuta una consulta contra un documento recientemente actualizado. Esto afecta a los documentos que han sido actualizados y a\u00fan no se han refrescado en el \u00edndice. Esto podr\u00eda resultar en la b\u00fasqueda divulgue la existencia de documentos y campos que el atacante no deber\u00eda poder visualizar"
}
],
"id": "CVE-2021-22134",
"lastModified": "2024-11-21T05:49:34.303",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-08T21:15:16.947",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-11-0-security-update/265835"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210430-0006/"
},
{
"source": "bressers@elastic.co",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-11-0-security-update/265835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210430-0006/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-26 18:15
Modified
2024-11-21 08:01
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C6A492-CB85-4518-923D-891BC5AC2E15",
"versionEndIncluding": "7.17.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D22C8382-A8A1-49DF-8748-6E38EC8D8DD3",
"versionEndIncluding": "8.9.0",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.\n\n\n\n\n"
},
{
"lang": "es",
"value": "Se descubri\u00f3 una falla en Elasticsearch que afectaba a la API _search y permit\u00eda que una cadena de consulta especialmente manipulada provocara un desbordamiento de pila y, en \u00faltima instancia, una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2023-31419",
"lastModified": "2024-11-21T08:01:49.510",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-26T18:15:08.647",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-1-7-17-13-security-update/343297"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20231116-0010/"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-1-7-17-13-security-update/343297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20231116-0010/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-18 17:15
Modified
2024-11-21 05:36
Severity ?
Summary
In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should be hidden. This could result in an attacker gaining additional permissions against a restricted index.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8227AA0-4EC4-4E00-AFA2-68D6F56A1360",
"versionEndExcluding": "6.8.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B247B7E7-8EAD-4B9A-AF75-CC74A4F2838F",
"versionEndExcluding": "7.9.0",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should be hidden. This could result in an attacker gaining additional permissions against a restricted index."
},
{
"lang": "es",
"value": "En Elasticsearch versiones anteriores a 7.9.0 y 6.8.12, se encontr\u00f3 un fallo de divulgaci\u00f3n de campo al ejecutar una b\u00fasqueda de desplazamiento con Field Level Security. Si un usuario ejecuta la misma consulta que otro usuario m\u00e1s privilegiado realiz\u00f3 recientemente, la b\u00fasqueda de desplazamiento puede filtrar campos que deber\u00edan estar ocultos. Esto podr\u00eda resultar en que un atacante consiga permisos adicionales contra un \u00edndice restringido."
}
],
"id": "CVE-2020-7019",
"lastModified": "2024-11-21T05:36:30.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-18T17:15:11.677",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-0-and-6-8-12-security-update/245456"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-0-and-6-8-12-security-update/245456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0001/"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-270"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-25 19:29
Modified
2024-11-21 04:48
Severity ?
Summary
A permission issue was found in Elasticsearch versions before 5.6.15 and 6.6.1 when Field Level Security and Document Level Security are disabled and the _aliases, _shrink, or _split endpoints are used . If the elasticsearch.yml file has xpack.security.dls_fls.enabled set to false, certain permission checks are skipped when users perform one of the actions mentioned above, to make existing data available under a new index/alias name. This could result in an attacker gaining additional permissions against a restricted index.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE497C38-A3FA-4035-B170-5C58AAC425AE",
"versionEndExcluding": "5.6.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDDB30B-F1F5-4D7F-A7AA-8335B15FA9E8",
"versionEndExcluding": "6.6.1",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A permission issue was found in Elasticsearch versions before 5.6.15 and 6.6.1 when Field Level Security and Document Level Security are disabled and the _aliases, _shrink, or _split endpoints are used . If the elasticsearch.yml file has xpack.security.dls_fls.enabled set to false, certain permission checks are skipped when users perform one of the actions mentioned above, to make existing data available under a new index/alias name. This could result in an attacker gaining additional permissions against a restricted index."
},
{
"lang": "es",
"value": "Se ha encontrado un problema de permiso en versiones anteriores a las 5.6.15 y 6.6.1 de Elasticsearch cuando se encuentran deshabilitados Field Level Security y Document Level Security, y se utilizan los endpoints _aliases, _shrink o _split. Si el archivo elasticsearch.yml tiene la opci\u00f3n xpack.security.dls_fls.enabled configurada en \u2018\u2018false\u2019\u2019, se omiten ciertas comprobaciones de permiso cuando los usuarios ejecutan una de las acciones mencionadas anteriormente, para hacer que los datos existentes sean disponibles bajo un nuevo alias o nombre de \u00edndice. Esto podr\u00eda resultar en que un atacante logre permisos adicionales en un \u00edndice restringido."
}
],
"id": "CVE-2019-7611",
"lastModified": "2024-11-21T04:48:23.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-25T19:29:02.257",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-13 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
In Elasticsearch versions before 7.11.2 and 6.8.15 a document disclosure flaw was found when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain cross-cluster search queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F9FE5BF-96E1-47AF-A8DF-3836949E3BE6",
"versionEndExcluding": "6.8.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "676FCEC5-9858-437A-A06F-9A6C08502E7E",
"versionEndExcluding": "7.11.2",
"versionStartIncluding": "7.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Elasticsearch versions before 7.11.2 and 6.8.15 a document disclosure flaw was found when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain cross-cluster search queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices."
},
{
"lang": "es",
"value": "En Elasticsearch versiones anteriores a 7.11.2 y la 6.8.15, se encontr\u00f3 un fallo en la divulgaci\u00f3n del documento cuando Document o Field Level Security es usado.\u0026#xa0;Las consultas de B\u00fasqueda no conservan apropiadamente los permisos de seguridad al ejecutar determinadas consultas de b\u00fasqueda cross-cluster.\u0026#xa0;Esto podr\u00eda resultar en que la b\u00fasqueda revele la existencia de documentos que el atacante no ser\u00eda capaz de visualizar.\u0026#xa0;Esto podr\u00eda resultar en que un atacante obtenga informaci\u00f3n adicional sobre \u00edndices potencialmente confiables"
}
],
"id": "CVE-2021-22137",
"lastModified": "2024-11-21T05:49:34.683",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-13T18:15:09.033",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210625-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210625-0003/"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-281"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-26 18:15
Modified
2024-11-21 08:01
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information such as passwords and tokens might be printed in cleartext in Elasticsearch audit logs. Note that audit logging is disabled by default and needs to be explicitly enabled and even when audit logging is enabled, request bodies that could contain sensitive information are not printed to the audit log unless explicitly configured.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C6A492-CB85-4518-923D-891BC5AC2E15",
"versionEndIncluding": "7.17.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EE17C0-C05C-45E6-938D-0AAC9D554CFC",
"versionEndIncluding": "8.9.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information such as passwords and tokens might be printed in cleartext in Elasticsearch audit logs. Note that audit logging is disabled by default and needs to be explicitly enabled and even when audit logging is enabled, request bodies that could contain sensitive information are not printed to the audit log unless explicitly configured.\n\n\n\n\n"
},
{
"lang": "es",
"value": "Elasticsearch generalmente filtra la informaci\u00f3n y las credenciales confidenciales antes de iniciar sesi\u00f3n en el registro de auditor\u00eda. Se descubri\u00f3 que este filtrado no se aplicaba cuando las solicitudes a Elasticsearch utilizan ciertos URI obsoletos para las API. El impacto de esta falla es que la informaci\u00f3n confidencial, como contrase\u00f1as y tokens, puede imprimirse en texto plano en los registros de auditor\u00eda de Elasticsearch. Tenga en cuenta que el registro de auditor\u00eda est\u00e1 deshabilitado de forma predeterminada y debe habilitarse expl\u00edcitamente e incluso cuando el registro de auditor\u00eda est\u00e1 habilitado, los cuerpos de solicitud que podr\u00edan contener informaci\u00f3n confidencial no se imprimen en el registro de auditor\u00eda a menos que se configure expl\u00edcitamente."
}
],
"id": "CVE-2023-31417",
"lastModified": "2024-11-21T08:01:49.250",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-26T18:15:08.500",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-2-and-7-17-13-security-update/342479"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20231130-0006/"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-2-and-7-17-13-security-update/342479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20231130-0006/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-13 17:15
Modified
2024-11-21 09:23
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of Service. Note that passthrough fields is an experimental feature.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A4C63-3959-459C-B784-14EE692BF07C",
"versionEndExcluding": "8.14.0",
"versionStartIncluding": "8.13.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of \u201cpassthrough\u201d type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of Service. Note that passthrough fields is an experimental feature."
},
{
"lang": "es",
"value": "Se descubri\u00f3 una falla en Elasticsearch que afecta la ingesta de documentos cuando una plantilla de \u00edndice contiene un mapeo de campo din\u00e1mico de tipo \"paso a trav\u00e9s\". En determinadas circunstancias, la ingesta de documentos en este \u00edndice provocar\u00eda que se lanzara una excepci\u00f3n de StackOverflow y, en \u00faltima instancia, provocar\u00eda una denegaci\u00f3n de servicio. Tenga en cuenta que los campos de transferencia son una caracter\u00edstica experimental."
}
],
"id": "CVE-2024-37280",
"lastModified": "2024-11-21T09:23:31.860",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-13T17:15:50.967",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-14-0-security-update-esa-2024-14/361007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-14-0-security-update-esa-2024-14/361007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20240816-0003/"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-21 15:15
Modified
2024-11-21 05:49
Severity ?
Summary
A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| bressers@elastic.co | http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html | Exploit, Third Party Advisory, VDB Entry | |
| bressers@elastic.co | https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177 | Vendor Advisory | |
| bressers@elastic.co | https://security.netapp.com/advisory/ntap-20210827-0006/ | Third Party Advisory | |
| bressers@elastic.co | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210827-0006/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| oracle | communications_cloud_native_core_automated_test_suite | 1.8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A9AF155-3C17-4B67-8FD2-A6058E7BF987",
"versionEndIncluding": "7.13.3",
"versionStartIncluding": "7.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "98FB24DB-AF91-48D0-9CA5-C8250D183FD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad de divulgaci\u00f3n de memoria en los informes de errores de Elasticsearch versiones 7.10.0 hasta 7.13.3. Un usuario con la habilidad de enviar consultas arbitrarias a Elasticsearch podr\u00eda enviar una consulta malformada que resultar\u00eda en un mensaje de error devuelto conteniendo porciones previamente usadas de un buffer de datos. Este b\u00fafer podr\u00eda contener informaci\u00f3n confidencial, como documentos de Elasticsearch o detalles de autenticaci\u00f3n"
}
],
"id": "CVE-2021-22145",
"lastModified": "2024-11-21T05:49:35.700",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-21T15:15:14.063",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/"
},
{
"source": "bressers@elastic.co",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-209"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-09-19 19:29
Modified
2024-11-21 04:06
Severity ?
Summary
Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| bressers@elastic.co | https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035 | Mitigation, Vendor Advisory | |
| bressers@elastic.co | https://www.elastic.co/community/security | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.elastic.co/community/security | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7F9642-A6EA-44E1-A2A4-A24FFF8E535C",
"versionEndExcluding": "5.6.12",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F6E9638-F648-4F35-84C6-8A733707CB10",
"versionEndExcluding": "6.4.1",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details."
},
{
"lang": "es",
"value": "Elasticsearch Alerting and Monitoring en versiones anteriores a la 6.4.1 o 5.6.12 tiene una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n cuando los secretos se configuran mediante la API. La API Elasticsearch _cluster/settings, cuando se hace una consulta, podr\u00eda filtrar informaci\u00f3n de configuraci\u00f3n sensible como contrase\u00f1as, tokens o nombres de usuario. Esto podr\u00eda permitir que un usuario de Elasticsearch autenticado visualice indebidamente estos detalles."
}
],
"id": "CVE-2018-3831",
"lastModified": "2024-11-21T04:06:07.347",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-19T19:29:01.343",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-03 22:15
Modified
2024-11-21 06:49
Severity ?
Summary
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20A97BD1-8E55-442F-A452-49E61C44C2F5",
"versionEndExcluding": "7.17.1",
"versionStartIncluding": "7.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was discovered in Elasticsearch 7.17.0\u2019s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with \u201c*\u201d index permissions access to this index."
},
{
"lang": "es",
"value": "Se ha detectado un fallo en el asistente de actualizaci\u00f3n de Elasticsearch versi\u00f3n 7.17.0, en el que la actualizaci\u00f3n de la versi\u00f3n 6.x a 7.x deshabilitaba las protecciones incorporadas en el \u00edndice de seguridad, permitiendo a usuarios autenticados con permisos de \u00edndice \"*\" acceder a este \u00edndice"
}
],
"id": "CVE-2022-23708",
"lastModified": "2024-11-21T06:49:09.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-03T22:15:08.800",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-17-1-security-update/298447"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220729-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-17-1-security-update/298447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220729-0003/"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-10 19:15
Modified
2024-11-21 05:36
Severity ?
Summary
Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E29B130D-9A66-4C56-BE6C-2388CF0475DF",
"versionEndExcluding": "6.8.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "846651C1-223C-413E-8FF5-7EC836A5C2BD",
"versionEndExcluding": "7.10.0",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details."
},
{
"lang": "es",
"value": "Las versiones de Elasticsearch versiones anteriores a 7.10.0 y 6.8.14, presentan un problema de divulgaci\u00f3n de informaci\u00f3n cuando se habilita el registro de auditor\u00eda y la opci\u00f3n emit_request_body.\u0026#xa0;El registro de auditor\u00eda de Elasticsearch podr\u00eda contener informaci\u00f3n confidencial como un hash de contrase\u00f1a o tokens de autenticaci\u00f3n.\u0026#xa0;Esto podr\u00eda permitir a un administrador de Elasticsearch visualizar estos detalles"
}
],
"id": "CVE-2020-7021",
"lastModified": "2024-11-21T05:36:30.637",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-10T19:15:11.870",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210319-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210319-0003/"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-31 19:15
Modified
2024-11-21 05:36
Severity ?
Summary
Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| bressers@elastic.co | https://discuss.elastic.co/t/elastic-stack-6-8-8-and-7-6-2-security-update/225920 | Mitigation, Release Notes, Vendor Advisory | |
| bressers@elastic.co | https://security.netapp.com/advisory/ntap-20200403-0004/ | Third Party Advisory | |
| bressers@elastic.co | https://www.elastic.co/community/security/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://discuss.elastic.co/t/elastic-stack-6-8-8-and-7-6-2-security-update/225920 | Mitigation, Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20200403-0004/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.elastic.co/community/security/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1505B55-8739-46A0-874D-8A13FE402975",
"versionEndExcluding": "6.8.8",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "226FB38D-4A53-4B74-AD24-24940DB7B40D",
"versionEndExcluding": "7.6.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges."
},
{
"lang": "es",
"value": "Elasticsearch versiones desde 6.7.0 en versiones anteriores a la 6.8.8 y versiones 7.0.0 en versiones anteriores a la 7.6.2 contienen un fallo de escalada de privilegios si un atacante es capaz de crear claves de la API. Un atacante que es capaz de generar una clave API puede llevar a cabo una serie de pasos que dan como resultado que se genere una clave API con privilegios elevados."
}
],
"id": "CVE-2020-7009",
"lastModified": "2024-11-21T05:36:29.090",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-31T19:15:14.447",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Mitigation",
"Release Notes",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-8-8-and-7-6-2-security-update/225920"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200403-0004/"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Release Notes",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-8-8-and-7-6-2-security-update/225920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200403-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security/"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-266"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-30 22:15
Modified
2024-11-21 04:48
Severity ?
Summary
A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8.2 returns to a request. On a system with multiple users submitting requests, it could be possible for an attacker to gain access to response header containing sensitive data from another user.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| bressers@elastic.co | https://www.elastic.co/community/security/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.elastic.co/community/security/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBDA88F6-7E0A-429D-B64A-F2A3F1FAC1B4",
"versionEndExcluding": "6.8.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9BBE0F-3BF0-4552-84D5-6ADA7932D8E3",
"versionEndExcluding": "7.2.1",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8.2 returns to a request. On a system with multiple users submitting requests, it could be possible for an attacker to gain access to response header containing sensitive data from another user."
},
{
"lang": "es",
"value": "Se detect\u00f3 un fallo de condici\u00f3n de carrera en los encabezados de respuesta que devuelve una petici\u00f3n de Elasticsearch versiones anteriores a 7.2.1 y 6.8.2. Sobre un sistema con m\u00faltiples usuarios que env\u00edan peticiones, un atacante podr\u00eda conseguir acceso al encabezado de respuesta que contiene datos confidenciales de otro usuario."
}
],
"id": "CVE-2019-7614",
"lastModified": "2024-11-21T04:48:24.303",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-30T22:15:12.443",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security/"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-17 15:59
Modified
2024-11-21 02:25
Severity ?
Summary
The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * | |
| redhat | fuse | 1.0.0 |
{
"cisaActionDue": "2022-04-15",
"cisaExploitAdd": "2022-03-25",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA519AE4-05D4-4C0A-81F0-95C50B51DAEA",
"versionEndExcluding": "1.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F148EDE6-303D-4F26-B88D-D379BC003B42",
"versionEndExcluding": "1.4.3",
"versionStartIncluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:fuse:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F31D7E8-D31D-4268-9ABF-3733915AA226",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script."
},
{
"lang": "es",
"value": "El motor de secuencias de comandos Groovy en Elasticsearch anterior a 1.3.8 y 1.4.x anterior a 1.4.3 permite a atacantes remotos evadir el mecanismo de protecci\u00f3n de sandbox y ejecutar comandos de shell arbitrarios a trav\u00e9s de una secuencia de comandos manipulada."
}
],
"id": "CVE-2015-1427",
"lastModified": "2024-11-21T02:25:24.233",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2015-02-17T15:59:04.560",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/534689/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72585"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0868"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100850"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/534689/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Undergoing Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-30 14:15
Modified
2024-11-21 04:48
Severity ?
Summary
Elasticsearch versions 7.0.0-7.3.2 and 6.7.0-6.8.3 contain a username disclosure flaw was found in the API Key service. An unauthenticated attacker could send a specially crafted request and determine if a username exists in the Elasticsearch native realm.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB56E9B-63ED-4DA2-B654-7A1BFDEFA918",
"versionEndIncluding": "6.8.3",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "039EBA71-BE88-4904-8C5D-A825F41F27E4",
"versionEndIncluding": "7.3.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch versions 7.0.0-7.3.2 and 6.7.0-6.8.3 contain a username disclosure flaw was found in the API Key service. An unauthenticated attacker could send a specially crafted request and determine if a username exists in the Elasticsearch native realm."
},
{
"lang": "es",
"value": "Elasticsearch versiones 7.0.0 hasta 7.3.2 y versiones 6.7.0 hasta 6.8.3, contienen un fallo de divulgaci\u00f3n de nombre de usuario que se encontr\u00f3 en el servicio Key de la API. Un atacante no autenticado podr\u00eda enviar una petici\u00f3n especialmente dise\u00f1ada y determinar si un nombre de usuario existe en el reino nativo de Elasticsearch."
}
],
"id": "CVE-2019-7619",
"lastModified": "2024-11-21T04:48:24.920",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-30T14:15:11.380",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-8-4-security-update/204908"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-4-0-security-update/201831"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-8-4-security-update/204908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-4-0-security-update/201831"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-21 15:15
Modified
2024-11-21 05:49
Severity ?
Summary
All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could leverage the anonymous user to gain insight into certain details of a deployed cluster.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| bressers@elastic.co | http://packetstormsecurity.com/files/163655/Elasticsearch-ECE-7.13.3-Database-Disclosure.html | Exploit, Third Party Advisory, VDB Entry | |
| bressers@elastic.co | https://discuss.elastic.co/t/elastic-cloud-enterprise-security-update/279180 | Vendor Advisory | |
| bressers@elastic.co | https://security.netapp.com/advisory/ntap-20210819-0005/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/163655/Elasticsearch-ECE-7.13.3-Database-Disclosure.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://discuss.elastic.co/t/elastic-cloud-enterprise-security-update/279180 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210819-0005/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | 7.13.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:7.13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C39993E0-0A9A-496C-B582-206941311A92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "All versions of Elastic Cloud Enterprise has the Elasticsearch \u201canonymous\u201d user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could leverage the anonymous user to gain insight into certain details of a deployed cluster."
},
{
"lang": "es",
"value": "Todas las versiones de Elastic Cloud Enterprise presentan el usuario \"anonymous\" de Elasticsearch habilitado por defecto en los clusters desplegados. Mientras que en la configuraci\u00f3n por defecto el usuario an\u00f3nimo no presenta permisos y no puede consultar con \u00e9xito cualquier API de Elasticsearch, un atacante podr\u00eda aprovechar el usuario an\u00f3nimo para conseguir informaci\u00f3n sobre determinados detalles de un cl\u00faster desplegado"
}
],
"id": "CVE-2021-22146",
"lastModified": "2024-11-21T05:49:35.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-21T15:15:14.100",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163655/Elasticsearch-ECE-7.13.3-Database-Disclosure.html"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-security-update/279180"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210819-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163655/Elasticsearch-ECE-7.13.3-Database-Disclosure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-security-update/279180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210819-0005/"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-20 22:29
Modified
2024-11-21 03:54
Severity ?
Summary
Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; when used with run as, this can result in the request running as the incorrect user. This could allow a user to access information that they should not have access to.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| bressers@elastic.co | http://www.securityfocus.com/bid/106318 | Third Party Advisory, VDB Entry | |
| bressers@elastic.co | https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594 | Vendor Advisory | |
| bressers@elastic.co | https://www.elastic.co/community/security | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106318 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.elastic.co/community/security | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1033AC66-4A20-4113-B4CF-73FC799B2258",
"versionEndIncluding": "6.4.2",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; when used with run as, this can result in the request running as the incorrect user. This could allow a user to access information that they should not have access to."
},
{
"lang": "es",
"value": "Elasticsearch Security, de la versi\u00f3n 6.4.0 a la 6.4.2, contiene un error en la forma en la que se aplican las cabeceras de petici\u00f3n a las peticiones cuando se emplean los realms de Active Directory, LDAP, Native o File. Una petici\u00f3n podr\u00eda recibir cabeceras destinadas a otra petici\u00f3n si se est\u00e1 autenticando el mismo usuario de forma simult\u00e1nea; al emplearse con \"run as\", esto podr\u00eda resultar en que la petici\u00f3n se ejecute como el usuario incorrecto. Esto podr\u00eda permitir a un usuario acceder a informaci\u00f3n a la que no deber\u00eda tener acceso."
}
],
"id": "CVE-2018-17244",
"lastModified": "2024-11-21T03:54:09.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-20T22:29:00.240",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106318"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-22 02:15
Modified
2024-11-21 06:16
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server service account could escalate themselves to a super-user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D9B543-8A33-4644-B846-ADAA6278ACD2",
"versionEndIncluding": "7.14.0",
"versionStartIncluding": "7.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server service account could escalate themselves to a super-user."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un problema con la forma en que se crean las claves API con la cuenta de servicio Fleet-Server. Cuando se crea una clave API con una cuenta de servicio, es posible que la clave API se cree con privilegios m\u00e1s altos de los previstos. Al utilizar esta vulnerabilidad, una cuenta de servicio Fleet-Server comprometida podr\u00eda convertirse en superusuario."
}
],
"id": "CVE-2021-37937",
"lastModified": "2024-11-21T06:16:06.437",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.2,
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-22T02:15:42.043",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-14-1-security-update/283077"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-14-1-security-update/283077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-06 18:15
Modified
2024-11-21 06:49
Severity ?
Summary
A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| bressers@elastic.co | https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530 | Release Notes, Vendor Advisory | |
| bressers@elastic.co | https://security.netapp.com/advisory/ntap-20220707-0010/ | Third Party Advisory | |
| bressers@elastic.co | https://www.elastic.co/community/security/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20220707-0010/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.elastic.co/community/security/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D68D665A-3685-4A99-A86D-22655151A6B8",
"versionEndExcluding": "8.2.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request."
},
{
"lang": "es",
"value": "Se ha detectado un fallo de Denegaci\u00f3n de Servicio en Elasticsearch. Usando esta vulnerabilidad, un atacante no autenticado podr\u00eda cerrar por la fuerza un nodo de Elasticsearch con una petici\u00f3n de red con un formato espec\u00edfico"
}
],
"id": "CVE-2022-23712",
"lastModified": "2024-11-21T06:49:09.573",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-06T18:15:09.300",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220707-0010/"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220707-0010/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security/"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-26 18:15
Modified
2024-11-21 08:01
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * | |
| elastic | elastic_cloud_enterprise | * | |
| elastic | elastic_cloud_enterprise | 3.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7782710-73A4-4698-872E-CD9FE4362872",
"versionEndIncluding": "7.17.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40A93493-7FF2-46D1-8855-40B7CA831C47",
"versionEndIncluding": "8.8.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elastic_cloud_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9311B386-FAD0-4DB8-A059-DAA46549F1D8",
"versionEndIncluding": "2.13.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elastic_cloud_enterprise:3.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20740FCD-DA43-49EF-B2E9-C85DFD13881A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild."
},
{
"lang": "es",
"value": "Se identific\u00f3 un problema con la forma en que Elasticsearch manej\u00f3 las solicitudes entrantes en la capa HTTP. Un usuario no autenticado podr\u00eda forzar la salida de un nodo de Elasticsearch con un error OutOfMemory enviando una cantidad moderada de solicitudes HTTP con formato incorrecto. El problema fue identificado por Elastic Engineering y no tenemos indicios de que se conozca o de que est\u00e9 siendo explotado en la naturaleza."
}
],
"id": "CVE-2023-31418",
"lastModified": "2024-11-21T08:01:49.387",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-26T18:15:08.587",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-0-7-17-13-security-update/343616"
},
{
"source": "bressers@elastic.co",
"url": "https://security.netapp.com/advisory/ntap-20231130-0005/"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-0-7-17-13-security-update/343616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20231130-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-05 18:15
Modified
2024-11-21 08:29
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55A78A3C-711F-4BC6-B4BE-8106E17BFD5F",
"versionEndExcluding": "7.17.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A66F92FB-FF01-4D77-B9DC-B6863EBED138",
"versionEndExcluding": "8.9.0",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue.\n"
},
{
"lang": "es",
"value": "Se identific\u00f3 un problema que permit\u00eda la deserializaci\u00f3n insegura de objetos Java desde propiedades de configuraci\u00f3n de Hadoop o Spark que podr\u00edan haber sido modificadas por usuarios autenticados. Elastic quisiera agradecer a Yakov Shafranovich, de Amazon Web Services, por informar este problema."
}
],
"id": "CVE-2023-46674",
"lastModified": "2024-11-21T08:29:02.453",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.5,
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-05T18:15:12.380",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-hadoop-7-17-11-8-9-0-security-update-esa-2023-28/348663"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-hadoop-7-17-11-8-9-0-security-update-esa-2023-28/348663"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-20 22:29
Modified
2024-11-21 03:54
Severity ?
Summary
Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's find_file_structure API. If a policy allowing external network access has been added to Elasticsearch's Java Security Manager then an attacker could send a specially crafted request capable of leaking content of local files on the Elasticsearch node. This could allow a user to access information that they should not have access to.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| bressers@elastic.co | http://www.securityfocus.com/bid/106294 | Third Party Advisory, VDB Entry | |
| bressers@elastic.co | https://discuss.elastic.co/t/elastic-stack-6-5-2-security-update/159594 | Vendor Advisory | |
| bressers@elastic.co | https://www.elastic.co/community/security | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106294 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://discuss.elastic.co/t/elastic-stack-6-5-2-security-update/159594 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.elastic.co/community/security | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | 6.5.0 | |
| elastic | elasticsearch | 6.5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6872390D-6001-424E-A4C0-AF2C2E73FB26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E7B0E1-E674-4055-B7E7-C1227E0872D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning\u0027s find_file_structure API. If a policy allowing external network access has been added to Elasticsearch\u0027s Java Security Manager then an attacker could send a specially crafted request capable of leaking content of local files on the Elasticsearch node. This could allow a user to access information that they should not have access to."
},
{
"lang": "es",
"value": "Elasticsearch Security, en versiones 6.5.0 y 6.5.1, contiene un error de XEE (XML External Entity) en la API find_file_structure de Machine Learning. Si se ha a\u00f1adido una pol\u00edtica que permite acceso externo a la red al gestor de seguridad Java de Elasticsearch Security, un atacante podr\u00eda enviar una petici\u00f3n especialmente manipulada capaz de filtrar contenido de archivos locales en el nodo de Elasticsearch. Esto podr\u00eda permitir a un usuario acceder a informaci\u00f3n a la que no deber\u00eda tener acceso."
}
],
"id": "CVE-2018-17247",
"lastModified": "2024-11-21T03:54:09.417",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-20T22:29:00.427",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106294"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-5-2-security-update/159594"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-5-2-security-update/159594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-22 17:15
Modified
2024-11-21 05:36
Severity ?
Summary
Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| bressers@elastic.co | https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033 | Release Notes, Vendor Advisory | |
| bressers@elastic.co | https://security.netapp.com/advisory/ntap-20201123-0001/ | Third Party Advisory | |
| bressers@elastic.co | https://staging-website.elastic.co/community/security/ | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20201123-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://staging-website.elastic.co/community/security/ | Permissions Required, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ADC1457-B782-4D06-9280-42A2052D8119",
"versionEndExcluding": "6.8.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DED6D55-3847-464C-B649-69DC899CCF4E",
"versionEndExcluding": "7.9.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices."
},
{
"lang": "es",
"value": "Elasticsearch versiones anteriores a 6.8.13 y 7.9.2, contienen un fallo de divulgaci\u00f3n de documentos cuando es usado Document o Field Level Security.\u0026#xa0;Las consultas de b\u00fasqueda no conservan apropiadamente los permisos de seguridad al ejecutar determinadas consultas complejas.\u0026#xa0;Esto podr\u00eda resultar en que la b\u00fasqueda divulgue la existencia de documentos que el atacante no deber\u00eda poder visualizar.\u0026#xa0;Esto podr\u00eda resultar en que un atacante pueda obtener informaci\u00f3n adicional sobre \u00edndices potencialmente confidenciales"
}
],
"id": "CVE-2020-7020",
"lastModified": "2024-11-21T05:36:30.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-22T17:15:12.693",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20201123-0001/"
},
{
"source": "bressers@elastic.co",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://staging-website.elastic.co/community/security/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20201123-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://staging-website.elastic.co/community/security/"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-270"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-09-19 19:29
Modified
2024-11-21 04:06
Severity ?
Summary
In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API. When the access_key and security_key parameters are set using the _snapshot API they can be exposed as plain text by users able to query the _snapshot API.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | 6.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55C43932-90D7-4155-9F61-2430E18DDE34",
"versionEndIncluding": "6.2.4",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:6.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "80722BC9-FE00-4D7E-9E81-F0A1CEFE0F9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API. When the access_key and security_key parameters are set using the _snapshot API they can be exposed as plain text by users able to query the _snapshot API."
},
{
"lang": "es",
"value": "En Elasticsearch desde la versi\u00f3n 6.0.0-beta1 hasta la 6.2.4, se ha detectado una vulnerabilidad de divulgaci\u00f3n en la API _snapshot. Cuando los par\u00e1metros access_key y security_key est\u00e1n configurados usando la API _snapshot, se pueden exponen como texto plano por los usuarios que sean capaz de lanzar una consulta a la API _snapshot."
}
],
"id": "CVE-2018-3826",
"lastModified": "2024-11-21T04:06:06.703",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-19T19:29:00.627",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-3-0-and-5-6-10-security-update/135777"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-3-0-and-5-6-10-security-update/135777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-311"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-26 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| bressers@elastic.co | https://discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100 | Release Notes, Vendor Advisory | |
| bressers@elastic.co | https://security.netapp.com/advisory/ntap-20210827-0006/ | Third Party Advisory | |
| bressers@elastic.co | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210827-0006/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * | |
| oracle | communications_cloud_native_core_automated_test_suite | 1.8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE3115F-9BC0-44F8-A0EC-0D42CCDA30AB",
"versionEndExcluding": "6.8.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68D4C16A-16D0-46C7-9133-AD04AED5EFE1",
"versionEndExcluding": "7.13.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "98FB24DB-AF91-48D0-9CA5-C8250D183FD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node."
},
{
"lang": "es",
"value": "En Elasticsearch versiones anteriores a 7.13.3 y la 6.8.17, se ha identificado una vulnerabilidad de recursi\u00f3n no controlada que pod\u00eda conllevar a un ataque de denegaci\u00f3n de servicio en el analizador Grok de Elasticsearch. Un usuario con la capacidad de enviar consultas arbitrarias a Elasticsearch podr\u00eda crear una consulta Grok maliciosa que bloquear\u00eda el nodo de Elasticsearch"
}
],
"id": "CVE-2021-22144",
"lastModified": "2024-11-21T05:49:35.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-26T12:15:08.547",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/"
},
{
"source": "bressers@elastic.co",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-674"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-13 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
Elasticsearch versions before 7.11.2 and 6.8.15 contain a document disclosure flaw was found in the Elasticsearch suggester and profile API when Document and Field Level Security are enabled. The suggester and profile API are normally disabled for an index when document level security is enabled on the index. Certain queries are able to enable the profiler and suggester which could lead to disclosing the existence of documents and fields the attacker should not be able to view.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F9FE5BF-96E1-47AF-A8DF-3836949E3BE6",
"versionEndExcluding": "6.8.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "676FCEC5-9858-437A-A06F-9A6C08502E7E",
"versionEndExcluding": "7.11.2",
"versionStartIncluding": "7.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch versions before 7.11.2 and 6.8.15 contain a document disclosure flaw was found in the Elasticsearch suggester and profile API when Document and Field Level Security are enabled. The suggester and profile API are normally disabled for an index when document level security is enabled on the index. Certain queries are able to enable the profiler and suggester which could lead to disclosing the existence of documents and fields the attacker should not be able to view."
},
{
"lang": "es",
"value": "Elasticsearch versiones anteriores a 7.11.2 y 6.8.15, contienen un fallo en la divulgaci\u00f3n de documentos que se encontr\u00f3 en la API suggester y profile de Elasticsearch cuando Document and Field Level Security est\u00e1 habilitada.\u0026#xa0;La API suggester y profile normalmente est\u00e1n deshabilitadas para un \u00edndice cuando la seguridad a nivel de documento est\u00e1 habilitada en el \u00edndice.\u0026#xa0;Determinadas consultas son capaces de habilitar el profiler y suggester, lo que podr\u00eda conllevar a revelar la existencia de documentos y campos que el atacante no ser\u00eda capaz de visualizar"
}
],
"id": "CVE-2021-22135",
"lastModified": "2024-11-21T05:49:34.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-13T18:15:08.957",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210625-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210625-0003/"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-07-26 05:15
Modified
2024-11-21 08:34
Severity ?
5.2 (Medium) - CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessive logging. This issue only affects users that use Watcher and have a Watch defined that uses the search input and additionally have set the search input’s logger to DEBUG or finer, for example using: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch.xpack.watcher.input, org.elasticsearch.xpack.watcher, or wider, since the loggers are hierarchical.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14C7589A-0376-4250-AD12-6EFDE7BD19BB",
"versionEndExcluding": "7.17.16",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF905C27-2C06-4C2B-94B8-0EA091C11829",
"versionEndExcluding": "8.11.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessive logging. This issue only affects users that use Watcher and have a Watch defined that uses the search input and additionally have set the search input\u2019s logger to DEBUG or finer, for example using: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch.xpack.watcher.input, org.elasticsearch.xpack.watcher, or wider, since the loggers are hierarchical."
},
{
"lang": "es",
"value": "Elastic descubri\u00f3 un problema por el cual la entrada de b\u00fasqueda de Watcher registraba los resultados de la consulta de b\u00fasqueda en el nivel de registro DEBUG. Esto podr\u00eda provocar que el contenido sin procesar de los documentos almacenados en Elasticsearch se imprima en registros. Elastic lanz\u00f3 las versiones 8.11.2 y 7.17.16 que resuelven este problema eliminando este registro excesivo. Este problema solo afecta a los usuarios que usan Watcher y tienen un Watch definido que usa la entrada de b\u00fasqueda y adem\u00e1s han configurado el registrador de la entrada de b\u00fasqueda en DEBUG o m\u00e1s fino, por ejemplo usando: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch .xpack.watcher.input, org.elasticsearch.xpack.watcher o m\u00e1s amplio, ya que los registradores son jer\u00e1rquicos."
}
],
"id": "CVE-2023-49921",
"lastModified": "2024-11-21T08:34:00.510",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 3.6,
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-07-26T05:15:10.270",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-11-2-7-17-16-security-update-esa-2023-29/349179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-11-2-7-17-16-security-update-esa-2023-29/349179"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-22 10:15
Modified
2024-11-21 08:29
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5D858CC-723F-44C8-A3EF-90563359D58F",
"versionEndExcluding": "7.17.14",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACB218DA-EF68-46A0-9249-7FB7286CE35F",
"versionEndExcluding": "8.10.3",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.\n"
},
{
"lang": "es",
"value": "Se identific\u00f3 que los scripts con formato incorrecto utilizados en el procesador de scripts de una canalizaci\u00f3n de ingesta podr\u00edan provocar que un nodo de Elasticsearch fallara al llamar a la API Simulate Pipeline."
}
],
"id": "CVE-2023-46673",
"lastModified": "2024-11-21T08:29:02.250",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-22T10:15:08.417",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-14-8-10-3-security-update-esa-2023-24/347708"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-14-8-10-3-security-update-esa-2023-24/347708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-15 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A26A46C5-D497-476F-A7E9-128F5E625231",
"versionEndExcluding": "7.14.0",
"versionStartIncluding": "7.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view."
},
{
"lang": "es",
"value": "Elasticsearch versiones anteriores a 7.14.0, no aplicaba la seguridad a nivel de documento y de campo a las instant\u00e1neas con capacidad de b\u00fasqueda. Esto pod\u00eda conllevar a que un usuario autenticado consiguiera acceso a informaci\u00f3n que no estaba autorizado a visualizar"
}
],
"id": "CVE-2021-22147",
"lastModified": "2024-11-21T05:49:35.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-15T12:15:08.917",
"references": [
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-14-0-security-update/280344"
},
{
"source": "bressers@elastic.co",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211008-0002/"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-14-0-security-update/280344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211008-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security/"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-06 20:29
Modified
2024-11-21 02:32
Severity ?
Summary
Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/75938 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.zerodayinitiative.com/advisories/ZDI-15-365/ | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736 | Vendor Advisory | |
| cve@mitre.org | https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75938 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-15-365/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9F3AAE-7689-4585-9FA9-9C90D87946A4",
"versionEndExcluding": "1.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability"
},
{
"lang": "es",
"value": "** EN DISPUTA ** Elasticsearch, en versiones anteriores a la 1.6.1, permite que atacantes remotos ejecuten c\u00f3digo arbitrario mediante vectores sin especificar relacionados con el protocolo de transporte. NOTA: aparentemente, ZDI sostiene que CVE-2015-3253 y CVE-2015-5377 son la misma vulnerabilidad."
}
],
"id": "CVE-2015-5377",
"lastModified": "2024-11-21T02:32:54.863",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-06T20:29:00.390",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75938"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-03 18:15
Modified
2024-11-21 05:36
Severity ?
Summary
The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| elastic | elasticsearch | * | |
| elastic | elasticsearch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA3F192-8348-43DA-8075-D4062E7D89AC",
"versionEndIncluding": "6.8.7",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3628E8E8-502E-44FD-AF0E-E30A26B16D03",
"versionEndIncluding": "7.6.1",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges."
},
{
"lang": "es",
"value": "Se encontr\u00f3 que la soluci\u00f3n para CVE-2020-7009 estaba incompleta. Elasticsearch versiones desde 6.7.0 hasta 6.8.7 y 7.0.0 hasta 7.6.1, contienen un fallo de escalada de privilegios si un atacante puede crear claves de la API y tambi\u00e9n tokens de autenticaci\u00f3n. Un atacante que puede generar una clave de la API y un token de autenticaci\u00f3n puede llevar a cabo una serie de pasos que resultan en que un token de autenticaci\u00f3n se genere con privilegios elevados."
}
],
"id": "CVE-2020-7014",
"lastModified": "2024-11-21T05:36:29.697",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-03T18:15:23.043",
"references": [
{
"source": "bressers@elastic.co",
"url": "https://security.netapp.com/advisory/ntap-20200619-0003/"
},
{
"source": "bressers@elastic.co",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20200619-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.elastic.co/community/security/"
}
],
"sourceIdentifier": "bressers@elastic.co",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-266"
}
],
"source": "bressers@elastic.co",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2020-7014
Vulnerability from cvelistv5
Published
2020-06-03 17:55
Modified
2024-08-04 09:18
Severity ?
EPSS score ?
Summary
The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.elastic.co/community/security/ | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200619-0003/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:02.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.elastic.co/community/security/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200619-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "6.7.0 to 6.8.7 and 7.0.0 to 7.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266: Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-19T10:06:05",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.elastic.co/community/security/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200619-0003/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "6.7.0 to 6.8.7 and 7.0.0 to 7.6.1"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-266: Incorrect Privilege Assignment"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.elastic.co/community/security/",
"refsource": "MISC",
"url": "https://www.elastic.co/community/security/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200619-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200619-0003/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2020-7014",
"datePublished": "2020-06-03T17:55:44",
"dateReserved": "2020-01-14T00:00:00",
"dateUpdated": "2024-08-04T09:18:02.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22135
Vulnerability from cvelistv5
Published
2021-05-13 17:35
Modified
2024-08-03 18:30
Severity ?
EPSS score ?
Summary
Elasticsearch versions before 7.11.2 and 6.8.15 contain a document disclosure flaw was found in the Elasticsearch suggester and profile API when Document and Field Level Security are enabled. The suggester and profile API are normally disabled for an index when document level security is enabled on the index. Certain queries are able to enable the profiler and suggester which could lead to disclosing the existence of documents and fields the attacker should not be able to view.
References
| ▼ | URL | Tags |
|---|---|---|
| https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210625-0003/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: before 7.11.2 and 6.8.15 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.976Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210625-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "before 7.11.2 and 6.8.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch versions before 7.11.2 and 6.8.15 contain a document disclosure flaw was found in the Elasticsearch suggester and profile API when Document and Field Level Security are enabled. The suggester and profile API are normally disabled for an index when document level security is enabled on the index. Certain queries are able to enable the profiler and suggester which could lead to disclosing the existence of documents and fields the attacker should not be able to view."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-25T05:06:33",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210625-0003/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2021-22135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "before 7.11.2 and 6.8.15"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elasticsearch versions before 7.11.2 and 6.8.15 contain a document disclosure flaw was found in the Elasticsearch suggester and profile API when Document and Field Level Security are enabled. The suggester and profile API are normally disabled for an index when document level security is enabled on the index. Certain queries are able to enable the profiler and suggester which could lead to disclosing the existence of documents and fields the attacker should not be able to view."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210625-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210625-0003/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2021-22135",
"datePublished": "2021-05-13T17:35:17",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23712
Vulnerability from cvelistv5
Published
2022-06-06 17:07
Modified
2024-08-03 03:51
Severity ?
EPSS score ?
Summary
A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.elastic.co/community/security/ | x_refsource_MISC | |
| https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220707-0010/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | elasticsearch |
Version: versions 8.0.0 through 8.2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:45.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.elastic.co/community/security/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220707-0010/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "versions 8.0.0 through 8.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-07T14:07:29",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.elastic.co/community/security/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220707-0010/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2022-23712",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "elasticsearch",
"version": {
"version_data": [
{
"version_value": "versions 8.0.0 through 8.2.0"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.elastic.co/community/security/",
"refsource": "MISC",
"url": "https://www.elastic.co/community/security/"
},
{
"name": "https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220707-0010/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220707-0010/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2022-23712",
"datePublished": "2022-06-06T17:07:29",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:45.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-23445
Vulnerability from cvelistv5
Published
2024-06-12 13:58
Modified
2024-10-31 14:18
Severity ?
EPSS score ?
Summary
It was identified that if a cross-cluster API key https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body restricts search for a given index using the query or the field_security parameter, and the same cross-cluster API key also grants replication for the same index, the search restrictions are not enforced during cross cluster search operations and search results may include documents and terms that should not be returned.
This issue only affects the API key based security model for remote clusters https://www.elastic.co/guide/en/elasticsearch/reference/8.14/remote-clusters.html#remote-clusters-security-models that was previously a beta feature and is released as GA with 8.14.0
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 8.10.0 ≤ |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23445",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T19:25:42.229359Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-922",
"description": "CWE-922 Insecure Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T14:18:21.203Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:24.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-14-0-security-update-esa-2024-13/360898"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"lessThan": "8.14.0",
"status": "affected",
"version": "8.10.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-06-06T13:54:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIt was identified that if a \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body\"\u003ecross-cluster API key\u003c/a\u003e\u0026nbsp;restricts search for a given index using the \u003ccode\u003equery\u003c/code\u003e\u0026nbsp;or the \u003ccode\u003efield_security\u003c/code\u003e\u0026nbsp;parameter, and the same cross-cluster API key also grants replication for the same index, the search restrictions are not enforced during cross cluster search operations and search results may include documents and terms that should not be returned.\u003c/p\u003e\u003cp\u003eThis issue only affects the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.elastic.co/guide/en/elasticsearch/reference/8.14/remote-clusters.html#remote-clusters-security-models\"\u003eAPI key based security model for remote clusters\u003c/a\u003e\u0026nbsp;that was previously a beta feature and is released as GA with 8.14.0\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "It was identified that if a cross-cluster API key https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body \u00a0restricts search for a given index using the query\u00a0or the field_security\u00a0parameter, and the same cross-cluster API key also grants replication for the same index, the search restrictions are not enforced during cross cluster search operations and search results may include documents and terms that should not be returned.\n\nThis issue only affects the API key based security model for remote clusters https://www.elastic.co/guide/en/elasticsearch/reference/8.14/remote-clusters.html#remote-clusters-security-models \u00a0that was previously a beta feature and is released as GA with 8.14.0"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T13:58:45.296Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-8-14-0-security-update-esa-2024-13/360898"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2024-23445",
"datePublished": "2024-06-12T13:58:45.296Z",
"dateReserved": "2024-01-16T21:31:26.029Z",
"dateUpdated": "2024-10-31T14:18:21.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-31417
Vulnerability from cvelistv5
Published
2023-10-26 17:47
Modified
2024-08-02 14:53
Severity ?
EPSS score ?
Summary
Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information such as passwords and tokens might be printed in cleartext in Elasticsearch audit logs. Note that audit logging is disabled by default and needs to be explicitly enabled and even when audit logging is enabled, request bodies that could contain sensitive information are not printed to the audit log unless explicitly configured.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 7.0.0 ≤ Version: 8.0.0 ≤ |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:53:31.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-2-and-7-17-13-security-update/342479"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231130-0006/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"lessThan": "7.17.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThan": "8.9.1",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-09-06T22:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eElasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information such as passwords and tokens might be printed in cleartext in Elasticsearch audit logs. Note that audit logging is disabled by default and needs to be explicitly enabled and even when audit logging is enabled, request bodies that could contain sensitive information are not printed to the audit log unless explicitly configured.\u003c/p\u003e\n\n\n"
}
],
"value": "Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information such as passwords and tokens might be printed in cleartext in Elasticsearch audit logs. Note that audit logging is disabled by default and needs to be explicitly enabled and even when audit logging is enabled, request bodies that could contain sensitive information are not printed to the audit log unless explicitly configured.\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-26T17:47:37.065Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-2-and-7-17-13-security-update/342479"
},
{
"url": "https://www.elastic.co/community/security"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231130-0006/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elasticsearch Insertion of sensitive information in audit logs",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2023-31417",
"datePublished": "2023-10-26T17:47:37.065Z",
"dateReserved": "2023-04-27T18:54:56.704Z",
"dateUpdated": "2024-08-02T14:53:31.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-31418
Vulnerability from cvelistv5
Published
2023-10-26 17:36
Modified
2024-08-02 14:53
Severity ?
EPSS score ?
Summary
An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 7.17.12 Version: 8.0.0 ≤ Version: 2.13.3 ≤ |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:53:30.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-0-7-17-13-security-update/343616"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231130-0005/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "7.17.12"
},
{
"lessThan": "8.8.2",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThan": "3.6.0",
"status": "affected",
"version": "2.13.3",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-09-22T11:52:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild."
}
],
"value": "An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-26T17:36:42.723Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-0-7-17-13-security-update/343616"
},
{
"url": "https://www.elastic.co/community/security"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231130-0005/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elasticsearch uncontrolled resource consumption",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2023-31418",
"datePublished": "2023-10-26T17:36:42.723Z",
"dateReserved": "2023-04-27T18:54:56.704Z",
"dateUpdated": "2024-08-02T14:53:30.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-17247
Vulnerability from cvelistv5
Published
2018-12-20 22:00
Modified
2024-08-05 10:47
Severity ?
EPSS score ?
Summary
Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's find_file_structure API. If a policy allowing external network access has been added to Elasticsearch's Java Security Manager then an attacker could send a specially crafted request capable of leaking content of local files on the Elasticsearch node. This could allow a user to access information that they should not have access to.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/106294 | vdb-entry, x_refsource_BID | |
| https://discuss.elastic.co/t/elastic-stack-6-5-2-security-update/159594 | x_refsource_MISC | |
| https://www.elastic.co/community/security | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 6.5.0 and 6.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:47:04.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106294",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-5-2-security-update/159594"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "6.5.0 and 6.5.1"
}
]
}
],
"datePublic": "2018-12-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning\u0027s find_file_structure API. If a policy allowing external network access has been added to Elasticsearch\u0027s Java Security Manager then an attacker could send a specially crafted request capable of leaking content of local files on the Elasticsearch node. This could allow a user to access information that they should not have access to."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-25T10:57:01",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"name": "106294",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-5-2-security-update/159594"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.elastic.co/community/security"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2018-17247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "6.5.0 and 6.5.1"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning\u0027s find_file_structure API. If a policy allowing external network access has been added to Elasticsearch\u0027s Java Security Manager then an attacker could send a specially crafted request capable of leaking content of local files on the Elasticsearch node. This could allow a user to access information that they should not have access to."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106294",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106294"
},
{
"name": "https://discuss.elastic.co/t/elastic-stack-6-5-2-security-update/159594",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-6-5-2-security-update/159594"
},
{
"name": "https://www.elastic.co/community/security",
"refsource": "CONFIRM",
"url": "https://www.elastic.co/community/security"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2018-17247",
"datePublished": "2018-12-20T22:00:00",
"dateReserved": "2018-09-20T00:00:00",
"dateUpdated": "2024-08-05T10:47:04.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-23444
Vulnerability from cvelistv5
Published
2024-07-31 17:26
Modified
2024-07-31 18:45
Severity ?
EPSS score ?
Summary
It was discovered by Elastic engineering that when elasticsearch-certutil CLI tool is used with the csr option in order to create a new Certificate Signing Requests, the associated private key that is generated is stored on disk unencrypted even if the --pass parameter is passed in the command invocation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 7.x < 7.17.23 Version: 8.x < 8.13.0 |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23444",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-31T18:45:22.621905Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-31T18:45:42.985Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"lessThan": "7.17.23",
"status": "affected",
"version": "7.x",
"versionType": "custom"
},
{
"lessThan": "8.13.0",
"status": "affected",
"version": "8.x",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003eIt was discovered by Elastic engineering that when \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003eelasticsearch-certutil\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e CLI tool is used with the \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003ecsr\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e option in order to create a new Certificate Signing Requests, the associated private key that is generated is stored on disk unencrypted even if the \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e--pass\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e parameter is passed in the command invocation.\u003c/span\u003e\u003c/b\u003e\u003cbr\u003e"
}
],
"value": "It was discovered by Elastic engineering that when elasticsearch-certutil CLI tool is used with the csr option in order to create a new Certificate Signing Requests, the associated private key that is generated is stored on disk unencrypted even if the --pass parameter is passed in the command invocation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "CWE-311 Missing Encryption of Sensitive Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-31T17:26:12.784Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-8-13-0-7-17-23-security-update-esa-2024-12/364157"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elasticsearch elasticsearch-certutil csr fails to encrypt private key",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2024-23444",
"datePublished": "2024-07-31T17:26:12.784Z",
"dateReserved": "2024-01-16T21:31:26.029Z",
"dateUpdated": "2024-07-31T18:45:42.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7614
Vulnerability from cvelistv5
Published
2019-07-30 21:15
Modified
2024-08-04 20:54
Severity ?
EPSS score ?
Summary
A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8.2 returns to a request. On a system with multiple users submitting requests, it could be possible for an attacker to gain access to response header containing sensitive data from another user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.elastic.co/community/security/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: before 7.2.1 and 6.8.2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:28.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.elastic.co/community/security/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "before 7.2.1 and 6.8.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8.2 returns to a request. On a system with multiple users submitting requests, it could be possible for an attacker to gain access to response header containing sensitive data from another user."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-30T21:15:47",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.elastic.co/community/security/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2019-7614",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "before 7.2.1 and 6.8.2"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8.2 returns to a request. On a system with multiple users submitting requests, it could be possible for an attacker to gain access to response header containing sensitive data from another user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.elastic.co/community/security/",
"refsource": "MISC",
"url": "https://www.elastic.co/community/security/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2019-7614",
"datePublished": "2019-07-30T21:15:47",
"dateReserved": "2019-02-07T00:00:00",
"dateUpdated": "2024-08-04T20:54:28.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-37937
Vulnerability from cvelistv5
Published
2023-11-22 01:45
Modified
2024-08-04 01:30
Severity ?
EPSS score ?
Summary
An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server service account could escalate themselves to a super-user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 7.13.0 ≤ |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:30:08.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-14-1-security-update/283077"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"lessThan": "7.14.0",
"status": "affected",
"version": "7.13.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2021-09-01T16:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server service account could escalate themselves to a super-user."
}
],
"value": "An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server service account could escalate themselves to a super-user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-22T01:45:21.008Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elastic-stack-7-14-1-security-update/283077"
},
{
"url": "https://www.elastic.co/community/security"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elasticsearch privilege escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2021-37937",
"datePublished": "2023-11-22T01:45:21.008Z",
"dateReserved": "2021-08-03T20:49:52.461Z",
"dateUpdated": "2024-08-04T01:30:08.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-3827
Vulnerability from cvelistv5
Published
2018-09-19 19:00
Modified
2024-08-05 04:57
Severity ?
EPSS score ?
Summary
A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticsearch-cloud-azure) plugin. When the repository-azure plugin is set to log at TRACE level Azure credentials can be inadvertently logged.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.elastic.co/community/security | x_refsource_CONFIRM | |
| https://discuss.elastic.co/t/elastic-stack-6-3-0-and-5-6-10-security-update/135777 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: before 6.3.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:57:23.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-3-0-and-5-6-10-security-update/135777"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "before 6.3.0"
}
]
}
],
"datePublic": "2018-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticsearch-cloud-azure) plugin. When the repository-azure plugin is set to log at TRACE level Azure credentials can be inadvertently logged."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Information Exposure Through Log Files",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-19T18:57:01",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.elastic.co/community/security"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-3-0-and-5-6-10-security-update/135777"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2018-3827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "before 6.3.0"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticsearch-cloud-azure) plugin. When the repository-azure plugin is set to log at TRACE level Azure credentials can be inadvertently logged."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532: Information Exposure Through Log Files"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.elastic.co/community/security",
"refsource": "CONFIRM",
"url": "https://www.elastic.co/community/security"
},
{
"name": "https://discuss.elastic.co/t/elastic-stack-6-3-0-and-5-6-10-security-update/135777",
"refsource": "CONFIRM",
"url": "https://discuss.elastic.co/t/elastic-stack-6-3-0-and-5-6-10-security-update/135777"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2018-3827",
"datePublished": "2018-09-19T19:00:00",
"dateReserved": "2018-01-02T00:00:00",
"dateUpdated": "2024-08-05T04:57:23.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37280
Vulnerability from cvelistv5
Published
2024-06-13 16:26
Modified
2024-08-16 17:02
Severity ?
EPSS score ?
Summary
A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of Service. Note that passthrough fields is an experimental feature.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 8.13.1 ≤ 8.13.4 |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T21:15:50.336222Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:15:56.099Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-16T17:02:41.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-14-0-security-update-esa-2024-14/361007"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240816-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "8.13.4",
"status": "affected",
"version": "8.13.1",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-06-07T04:06:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of \u201cpassthrough\u201d type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of Service. Note that passthrough fields is an experimental feature."
}
],
"value": "A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of \u201cpassthrough\u201d type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of Service. Note that passthrough fields is an experimental feature."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T16:26:57.983Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-8-14-0-security-update-esa-2024-14/361007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elasticsearch StackOverflow vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2024-37280",
"datePublished": "2024-06-13T16:26:57.983Z",
"dateReserved": "2024-06-05T14:21:14.941Z",
"dateUpdated": "2024-08-16T17:02:41.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-17244
Vulnerability from cvelistv5
Published
2018-12-20 22:00
Modified
2024-08-05 10:47
Severity ?
EPSS score ?
Summary
Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; when used with run as, this can result in the request running as the incorrect user. This could allow a user to access information that they should not have access to.
References
| ▼ | URL | Tags |
|---|---|---|
| https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594 | x_refsource_MISC | |
| https://www.elastic.co/community/security | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/106318 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 6.4.0 to 6.4.2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:47:04.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
},
{
"name": "106318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106318"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "6.4.0 to 6.4.2"
}
]
}
],
"datePublic": "2018-12-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; when used with run as, this can result in the request running as the incorrect user. This could allow a user to access information that they should not have access to."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-27T10:57:01",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.elastic.co/community/security"
},
{
"name": "106318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106318"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2018-17244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "6.4.0 to 6.4.2"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; when used with run as, this can result in the request running as the incorrect user. This could allow a user to access information that they should not have access to."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594"
},
{
"name": "https://www.elastic.co/community/security",
"refsource": "CONFIRM",
"url": "https://www.elastic.co/community/security"
},
{
"name": "106318",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106318"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2018-17244",
"datePublished": "2018-12-20T22:00:00",
"dateReserved": "2018-09-20T00:00:00",
"dateUpdated": "2024-08-05T10:47:04.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-3826
Vulnerability from cvelistv5
Published
2018-09-19 19:00
Modified
2024-08-05 04:57
Severity ?
EPSS score ?
Summary
In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API. When the access_key and security_key parameters are set using the _snapshot API they can be exposed as plain text by users able to query the _snapshot API.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.elastic.co/community/security | x_refsource_CONFIRM | |
| https://discuss.elastic.co/t/elastic-stack-6-3-0-and-5-6-10-security-update/135777 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 6.0.0-beta1 to 6.2.4 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:57:24.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-3-0-and-5-6-10-security-update/135777"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "6.0.0-beta1 to 6.2.4"
}
]
}
],
"datePublic": "2018-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API. When the access_key and security_key parameters are set using the _snapshot API they can be exposed as plain text by users able to query the _snapshot API."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Information Exposure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-19T18:57:01",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.elastic.co/community/security"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-3-0-and-5-6-10-security-update/135777"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2018-3826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "6.0.0-beta1 to 6.2.4"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API. When the access_key and security_key parameters are set using the _snapshot API they can be exposed as plain text by users able to query the _snapshot API."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.elastic.co/community/security",
"refsource": "CONFIRM",
"url": "https://www.elastic.co/community/security"
},
{
"name": "https://discuss.elastic.co/t/elastic-stack-6-3-0-and-5-6-10-security-update/135777",
"refsource": "CONFIRM",
"url": "https://discuss.elastic.co/t/elastic-stack-6-3-0-and-5-6-10-security-update/135777"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2018-3826",
"datePublished": "2018-09-19T19:00:00",
"dateReserved": "2018-01-02T00:00:00",
"dateUpdated": "2024-08-05T04:57:24.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7020
Vulnerability from cvelistv5
Published
2020-10-22 16:30
Modified
2024-08-04 09:18
Severity ?
EPSS score ?
Summary
Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices.
References
| ▼ | URL | Tags |
|---|---|---|
| https://staging-website.elastic.co/community/security/ | x_refsource_MISC | |
| https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20201123-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: before 6.8.13 and 7.9.2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:02.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://staging-website.elastic.co/community/security/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20201123-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "before 6.8.13 and 7.9.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-270",
"description": "CWE-270: Privilege Context Switching Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-23T11:06:12",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://staging-website.elastic.co/community/security/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20201123-0001/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "before 6.8.13 and 7.9.2"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-270: Privilege Context Switching Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://staging-website.elastic.co/community/security/",
"refsource": "MISC",
"url": "https://staging-website.elastic.co/community/security/"
},
{
"name": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033"
},
{
"name": "https://security.netapp.com/advisory/ntap-20201123-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20201123-0001/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2020-7020",
"datePublished": "2020-10-22T16:30:15",
"dateReserved": "2020-01-14T00:00:00",
"dateUpdated": "2024-08-04T09:18:02.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22145
Vulnerability from cvelistv5
Published
2021-07-21 11:20
Modified
2024-08-03 18:37
Severity ?
EPSS score ?
Summary
A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210827-0006/ | x_refsource_CONFIRM | |
| https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177 | x_refsource_MISC | |
| http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:17.274Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T23:24:19",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2021-22145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210827-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/"
},
{
"name": "https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177"
},
{
"name": "http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2021-22145",
"datePublished": "2021-07-21T11:20:52",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:37:17.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-23449
Vulnerability from cvelistv5
Published
2024-03-29 11:12
Modified
2024-08-12 13:14
Severity ?
EPSS score ?
Summary
An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypted PDF files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 8.4.0 ≤ |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:24.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-11-1-security-update-esa-2024-05/356458"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23449",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T13:14:40.337052Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T13:14:56.771Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch",
"repo": "https://github.com/elastic/elasticsearch",
"vendor": "Elastic",
"versions": [
{
"lessThan": "8.11.1",
"status": "affected",
"version": "8.4.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-03-29T11:03:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An uncaught exception in Elasticsearch \u0026gt;= 8.4.0 and \u0026lt; 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypted PDF files."
}
],
"value": "An uncaught exception in Elasticsearch \u003e= 8.4.0 and \u003c 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypted PDF files."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248: Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-29T11:12:49.067Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-8-11-1-security-update-esa-2024-05/356458"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elasticsearch Uncaught Exception",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2024-23449",
"datePublished": "2024-03-29T11:12:49.067Z",
"dateReserved": "2024-01-16T21:31:26.030Z",
"dateUpdated": "2024-08-12T13:14:56.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22134
Vulnerability from cvelistv5
Published
2021-03-08 20:40
Modified
2024-08-03 18:30
Severity ?
EPSS score ?
Summary
A document disclosure flaw was found in Elasticsearch versions after 7.6.0 and before 7.11.0 when Document or Field Level Security is used. Get requests do not properly apply security permissions when executing a query against a recently updated document. This affects documents that have been updated and not yet refreshed in the index. This could result in the search disclosing the existence of documents and fields the attacker should not be able to view.
References
| ▼ | URL | Tags |
|---|---|---|
| https://discuss.elastic.co/t/elastic-stack-7-11-0-security-update/265835 | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210430-0006/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: after 7.6.0 and before 7.11.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-11-0-security-update/265835"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210430-0006/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "after 7.6.0 and before 7.11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A document disclosure flaw was found in Elasticsearch versions after 7.6.0 and before 7.11.0 when Document or Field Level Security is used. Get requests do not properly apply security permissions when executing a query against a recently updated document. This affects documents that have been updated and not yet refreshed in the index. This could result in the search disclosing the existence of documents and fields the attacker should not be able to view."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T23:24:16",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-11-0-security-update/265835"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210430-0006/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2021-22134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "after 7.6.0 and before 7.11.0"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A document disclosure flaw was found in Elasticsearch versions after 7.6.0 and before 7.11.0 when Document or Field Level Security is used. Get requests do not properly apply security permissions when executing a query against a recently updated document. This affects documents that have been updated and not yet refreshed in the index. This could result in the search disclosing the existence of documents and fields the attacker should not be able to view."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elastic-stack-7-11-0-security-update/265835",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-7-11-0-security-update/265835"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210430-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210430-0006/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2021-22134",
"datePublished": "2021-03-08T20:40:22",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7021
Vulnerability from cvelistv5
Published
2021-02-10 18:55
Modified
2024-08-04 09:18
Severity ?
EPSS score ?
Summary
Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details.
References
| ▼ | URL | Tags |
|---|---|---|
| https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210319-0003/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: before 7.10.0 and 6.8.14 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:02.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210319-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "before 7.10.0 and 6.8.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-19T08:06:17",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210319-0003/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "before 7.10.0 and 6.8.14"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532: Insertion of Sensitive Information into Log File"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210319-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210319-0003/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2020-7021",
"datePublished": "2021-02-10T18:55:15",
"dateReserved": "2020-01-14T00:00:00",
"dateUpdated": "2024-08-04T09:18:02.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1427
Vulnerability from cvelistv5
Published
2015-02-17 15:00
Modified
2024-08-06 04:40
Severity ?
EPSS score ?
Summary
The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/534689/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html | x_refsource_MISC | |
| https://access.redhat.com/errata/RHSA-2017:0868 | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/72585 | vdb-entry, x_refsource_BID | |
| http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/ | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/100850 | vdb-entry, x_refsource_XF | |
| http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html | x_refsource_MISC | |
| https://www.elastic.co/community/security/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150211 Elasticsearch vulnerability CVE-2015-1427",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534689/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html"
},
{
"name": "RHSA-2017:0868",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0868"
},
{
"name": "72585",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72585"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/"
},
{
"name": "elasticsearch-cve20151427-command-exec(100850)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100850"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.elastic.co/community/security/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20150211 Elasticsearch vulnerability CVE-2015-1427",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534689/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html"
},
{
"name": "RHSA-2017:0868",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0868"
},
{
"name": "72585",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72585"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/"
},
{
"name": "elasticsearch-cve20151427-command-exec(100850)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100850"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.elastic.co/community/security/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150211 Elasticsearch vulnerability CVE-2015-1427",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534689/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html"
},
{
"name": "RHSA-2017:0868",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0868"
},
{
"name": "72585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72585"
},
{
"name": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/",
"refsource": "CONFIRM",
"url": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/"
},
{
"name": "elasticsearch-cve20151427-command-exec(100850)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100850"
},
{
"name": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html"
},
{
"name": "https://www.elastic.co/community/security/",
"refsource": "CONFIRM",
"url": "https://www.elastic.co/community/security/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1427",
"datePublished": "2015-02-17T15:00:00",
"dateReserved": "2015-01-31T00:00:00",
"dateUpdated": "2024-08-06T04:40:18.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46673
Vulnerability from cvelistv5
Published
2023-11-22 09:27
Modified
2024-08-02 20:53
Severity ?
EPSS score ?
Summary
It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 7.0.0 ≤ Version: 8.0.0 ≤ |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:21.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-14-8-10-3-security-update-esa-2023-24/347708"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"lessThan": "7.17.14",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThan": "8.10.3",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-22T09:26:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.\u003cbr\u003e"
}
],
"value": "It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-22T09:27:10.454Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-14-8-10-3-security-update-esa-2023-24/347708"
},
{
"url": "https://www.elastic.co/community/security"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2023-46673",
"datePublished": "2023-11-22T09:27:10.454Z",
"dateReserved": "2023-10-24T17:28:32.186Z",
"dateUpdated": "2024-08-02T20:53:21.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-12539
Vulnerability from cvelistv5
Published
2024-12-17 20:50
Modified
2024-12-17 21:23
Severity ?
EPSS score ?
Summary
An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 8.16.0 ≤ 8.16.1 |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12539",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-17T21:23:46.352572Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-17T21:23:57.366Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "8.16.1",
"status": "affected",
"version": "8.16.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-12-17T20:29:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow."
}
],
"value": "An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-17T20:50:04.968Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-8-16-2-8-17-0-security-update/372091"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elasticsearch Incorrect Authorization",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2024-12539",
"datePublished": "2024-12-17T20:50:04.968Z",
"dateReserved": "2024-12-11T20:10:08.792Z",
"dateUpdated": "2024-12-17T21:23:57.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-3831
Vulnerability from cvelistv5
Published
2018-09-19 19:00
Modified
2024-08-05 04:57
Severity ?
EPSS score ?
Summary
Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details.
References
| ▼ | URL | Tags |
|---|---|---|
| https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035 | x_refsource_CONFIRM | |
| https://www.elastic.co/community/security | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: before 5.6.12 and 6.4.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:57:24.076Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "before 5.6.12 and 6.4.1"
}
]
}
],
"datePublic": "2018-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Information Exposure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-19T18:57:01",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.elastic.co/community/security"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2018-3831",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "before 5.6.12 and 6.4.1"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035",
"refsource": "CONFIRM",
"url": "https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035"
},
{
"name": "https://www.elastic.co/community/security",
"refsource": "CONFIRM",
"url": "https://www.elastic.co/community/security"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2018-3831",
"datePublished": "2018-09-19T19:00:00",
"dateReserved": "2018-01-02T00:00:00",
"dateUpdated": "2024-08-05T04:57:24.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7019
Vulnerability from cvelistv5
Published
2020-08-18 16:40
Modified
2024-08-04 09:18
Severity ?
EPSS score ?
Summary
In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should be hidden. This could result in an attacker gaining additional permissions against a restricted index.
References
| ▼ | URL | Tags |
|---|---|---|
| https://discuss.elastic.co/t/elastic-stack-7-9-0-and-6-8-12-security-update/245456 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200827-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: before 7.9.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:02.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-0-and-6-8-12-security-update/245456"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "before 7.9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should be hidden. This could result in an attacker gaining additional permissions against a restricted index."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-270",
"description": "CWE-270: Privilege Context Switching Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-27T10:06:20",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-0-and-6-8-12-security-update/245456"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0001/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "before 7.9.0"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should be hidden. This could result in an attacker gaining additional permissions against a restricted index."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-270: Privilege Context Switching Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elastic-stack-7-9-0-and-6-8-12-security-update/245456",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-7-9-0-and-6-8-12-security-update/245456"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200827-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200827-0001/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2020-7019",
"datePublished": "2020-08-18T16:40:14",
"dateReserved": "2020-01-14T00:00:00",
"dateUpdated": "2024-08-04T09:18:02.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-23451
Vulnerability from cvelistv5
Published
2024-03-27 18:03
Modified
2024-08-01 23:06
Severity ?
EPSS score ?
Summary
Incorrect Authorization issue exists in the API key based security model for Remote Cluster Security, which is currently in Beta, in Elasticsearch 8.10.0 and before 8.13.0. This allows a malicious user with a valid API key for a remote cluster configured to use the new Remote Cluster Security to read arbitrary documents from any index on the remote cluster, and only if they use the Elasticsearch custom transport protocol to issue requests with the target index ID, the shard ID and the document ID. None of Elasticsearch REST API endpoints are affected by this issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 8.10.0 ≤ |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-27T19:31:24.956481Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:18.264Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:24.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-13-0-security-update-esa-2024-07/356315"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch",
"repo": "https://github.com/elastic/elasticsearch",
"vendor": "Elastic",
"versions": [
{
"lessThan": "8.13.0",
"status": "affected",
"version": "8.10.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-03-27T17:52:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Authorization issue exists in the API key based security model for Remote Cluster Security, which is currently in Beta, in Elasticsearch 8.10.0 and before 8.13.0. This allows a\u0026nbsp;malicious user with a valid API key for a remote cluster configured to use the new Remote Cluster Security to read arbitrary documents from any index on the remote cluster, and only if they use the Elasticsearch custom transport protocol to issue requests with the target index ID, the shard ID and the document ID. None of Elasticsearch REST API endpoints are affected by this issue."
}
],
"value": "Incorrect Authorization issue exists in the API key based security model for Remote Cluster Security, which is currently in Beta, in Elasticsearch 8.10.0 and before 8.13.0. This allows a\u00a0malicious user with a valid API key for a remote cluster configured to use the new Remote Cluster Security to read arbitrary documents from any index on the remote cluster, and only if they use the Elasticsearch custom transport protocol to issue requests with the target index ID, the shard ID and the document ID. None of Elasticsearch REST API endpoints are affected by this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-27T18:03:54.735Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-8-13-0-security-update-esa-2024-07/356315"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elasticsearch Incorrect Authorization in the Remote Cluster Security API key based security model",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2024-23451",
"datePublished": "2024-03-27T18:03:25.802Z",
"dateReserved": "2024-01-16T21:31:26.030Z",
"dateUpdated": "2024-08-01T23:06:24.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-5377
Vulnerability from cvelistv5
Published
2018-03-06 20:00
Modified
2024-08-06 06:50
Severity ?
EPSS score ?
Summary
Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/75938 | vdb-entry, x_refsource_BID | |
| https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2 | x_refsource_MISC | |
| http://www.zerodayinitiative.com/advisories/ZDI-15-365/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:50:00.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736"
},
{
"name": "75938",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75938"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-06T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736"
},
{
"name": "75938",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75938"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736",
"refsource": "CONFIRM",
"url": "https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736"
},
{
"name": "75938",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75938"
},
{
"name": "https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2",
"refsource": "MISC",
"url": "https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5377",
"datePublished": "2018-03-06T20:00:00",
"dateReserved": "2015-07-06T00:00:00",
"dateUpdated": "2024-08-06T06:50:00.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7619
Vulnerability from cvelistv5
Published
2019-10-30 13:37
Modified
2024-08-04 20:54
Severity ?
EPSS score ?
Summary
Elasticsearch versions 7.0.0-7.3.2 and 6.7.0-6.8.3 contain a username disclosure flaw was found in the API Key service. An unauthenticated attacker could send a specially crafted request and determine if a username exists in the Elasticsearch native realm.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.elastic.co/community/security | x_refsource_CONFIRM | |
| https://discuss.elastic.co/t/elastic-stack-6-8-4-security-update/204908 | x_refsource_CONFIRM | |
| https://discuss.elastic.co/t/elastic-stack-7-4-0-security-update/201831 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 7.0.0, 7.0.1, 7.1.0, 7.1.1, 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 6.7.0, 6.7.1, 6.7.2, 6.8.0, 6.8.1, 6.8.2, 6.8.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:28.459Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-8-4-security-update/204908"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-4-0-security-update/201831"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "7.0.0, 7.0.1, 7.1.0, 7.1.1, 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 6.7.0, 6.7.1, 6.7.2, 6.8.0, 6.8.1, 6.8.2, 6.8.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch versions 7.0.0-7.3.2 and 6.7.0-6.8.3 contain a username disclosure flaw was found in the API Key service. An unauthenticated attacker could send a specially crafted request and determine if a username exists in the Elasticsearch native realm."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Information Exposure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-30T13:37:42",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.elastic.co/community/security"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-8-4-security-update/204908"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-4-0-security-update/201831"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2019-7619",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "7.0.0, 7.0.1, 7.1.0, 7.1.1, 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 6.7.0, 6.7.1, 6.7.2, 6.8.0, 6.8.1, 6.8.2, 6.8.3"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elasticsearch versions 7.0.0-7.3.2 and 6.7.0-6.8.3 contain a username disclosure flaw was found in the API Key service. An unauthenticated attacker could send a specially crafted request and determine if a username exists in the Elasticsearch native realm."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.elastic.co/community/security",
"refsource": "CONFIRM",
"url": "https://www.elastic.co/community/security"
},
{
"name": "https://discuss.elastic.co/t/elastic-stack-6-8-4-security-update/204908",
"refsource": "CONFIRM",
"url": "https://discuss.elastic.co/t/elastic-stack-6-8-4-security-update/204908"
},
{
"name": "https://discuss.elastic.co/t/elastic-stack-7-4-0-security-update/201831",
"refsource": "CONFIRM",
"url": "https://discuss.elastic.co/t/elastic-stack-7-4-0-security-update/201831"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2019-7619",
"datePublished": "2019-10-30T13:37:42",
"dateReserved": "2019-02-07T00:00:00",
"dateUpdated": "2024-08-04T20:54:28.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22146
Vulnerability from cvelistv5
Published
2021-07-21 11:28
Modified
2024-08-03 18:37
Severity ?
EPSS score ?
Summary
All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could leverage the anonymous user to gain insight into certain details of a deployed cluster.
References
| ▼ | URL | Tags |
|---|---|---|
| https://discuss.elastic.co/t/elastic-cloud-enterprise-security-update/279180 | x_refsource_MISC | |
| http://packetstormsecurity.com/files/163655/Elasticsearch-ECE-7.13.3-Database-Disclosure.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210819-0005/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-security-update/279180"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/163655/Elasticsearch-ECE-7.13.3-Database-Disclosure.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210819-0005/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "All versions of Elastic Cloud Enterprise has the Elasticsearch \u201canonymous\u201d user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could leverage the anonymous user to gain insight into certain details of a deployed cluster."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T09:06:37",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-security-update/279180"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/163655/Elasticsearch-ECE-7.13.3-Database-Disclosure.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210819-0005/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2021-22146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "All versions of Elastic Cloud Enterprise has the Elasticsearch \u201canonymous\u201d user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could leverage the anonymous user to gain insight into certain details of a deployed cluster."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elastic-cloud-enterprise-security-update/279180",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-security-update/279180"
},
{
"name": "http://packetstormsecurity.com/files/163655/Elasticsearch-ECE-7.13.3-Database-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/163655/Elasticsearch-ECE-7.13.3-Database-Disclosure.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210819-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210819-0005/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2021-22146",
"datePublished": "2021-07-21T11:28:12",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7009
Vulnerability from cvelistv5
Published
2020-03-31 19:05
Modified
2024-08-04 09:18
Severity ?
EPSS score ?
Summary
Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.elastic.co/community/security/ | x_refsource_MISC | |
| https://discuss.elastic.co/t/elastic-stack-6-8-8-and-7-6-2-security-update/225920 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200403-0004/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: All versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:03.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.elastic.co/community/security/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-8-8-and-7-6-2-security-update/225920"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200403-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "All versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266: Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-03T13:06:06",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.elastic.co/community/security/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-8-8-and-7-6-2-security-update/225920"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200403-0004/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "All versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-266: Incorrect Privilege Assignment"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.elastic.co/community/security/",
"refsource": "MISC",
"url": "https://www.elastic.co/community/security/"
},
{
"name": "https://discuss.elastic.co/t/elastic-stack-6-8-8-and-7-6-2-security-update/225920",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-6-8-8-and-7-6-2-security-update/225920"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200403-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200403-0004/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2020-7009",
"datePublished": "2020-03-31T19:05:13",
"dateReserved": "2020-01-14T00:00:00",
"dateUpdated": "2024-08-04T09:18:03.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22138
Vulnerability from cvelistv5
Published
2021-05-13 17:35
Modified
2024-08-03 18:30
Severity ?
EPSS score ?
Summary
In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0 a TLS certificate validation flaw was found in the monitoring feature. When specifying a trusted server CA certificate Logstash would not properly verify the certificate returned by the monitoring server. This could result in a man in the middle style attack against the Logstash monitoring data.
References
| ▼ | URL | Tags |
|---|---|---|
| https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210629-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: after 6.4.0 and before 6.8.15 and 7.12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:24.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210629-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "after 6.4.0 and before 6.8.15 and 7.12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0 a TLS certificate validation flaw was found in the monitoring feature. When specifying a trusted server CA certificate Logstash would not properly verify the certificate returned by the monitoring server. This could result in a man in the middle style attack against the Logstash monitoring data."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295: Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T09:06:14",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210629-0001/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2021-22138",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "after 6.4.0 and before 6.8.15 and 7.12.0"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0 a TLS certificate validation flaw was found in the monitoring feature. When specifying a trusted server CA certificate Logstash would not properly verify the certificate returned by the monitoring server. This could result in a man in the middle style attack against the Logstash monitoring data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295: Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210629-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210629-0001/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2021-22138",
"datePublished": "2021-05-13T17:35:19",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:24.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7611
Vulnerability from cvelistv5
Published
2019-03-25 18:34
Modified
2024-08-04 20:54
Severity ?
EPSS score ?
Summary
A permission issue was found in Elasticsearch versions before 5.6.15 and 6.6.1 when Field Level Security and Document Level Security are disabled and the _aliases, _shrink, or _split endpoints are used . If the elasticsearch.yml file has xpack.security.dls_fls.enabled set to false, certain permission checks are skipped when users perform one of the actions mentioned above, to make existing data available under a new index/alias name. This could result in an attacker gaining additional permissions against a restricted index.
References
| ▼ | URL | Tags |
|---|---|---|
| https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077 | x_refsource_MISC | |
| https://www.elastic.co/community/security | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: before 5.6.15 and 6.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:28.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "before 5.6.15 and 6.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A permission issue was found in Elasticsearch versions before 5.6.15 and 6.6.1 when Field Level Security and Document Level Security are disabled and the _aliases, _shrink, or _split endpoints are used . If the elasticsearch.yml file has xpack.security.dls_fls.enabled set to false, certain permission checks are skipped when users perform one of the actions mentioned above, to make existing data available under a new index/alias name. This could result in an attacker gaining additional permissions against a restricted index."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-25T18:34:06",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.elastic.co/community/security"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2019-7611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "before 5.6.15 and 6.6.1"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A permission issue was found in Elasticsearch versions before 5.6.15 and 6.6.1 when Field Level Security and Document Level Security are disabled and the _aliases, _shrink, or _split endpoints are used . If the elasticsearch.yml file has xpack.security.dls_fls.enabled set to false, certain permission checks are skipped when users perform one of the actions mentioned above, to make existing data available under a new index/alias name. This could result in an attacker gaining additional permissions against a restricted index."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
},
{
"name": "https://www.elastic.co/community/security",
"refsource": "MISC",
"url": "https://www.elastic.co/community/security"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2019-7611",
"datePublished": "2019-03-25T18:34:06",
"dateReserved": "2019-02-07T00:00:00",
"dateUpdated": "2024-08-04T20:54:28.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-49921
Vulnerability from cvelistv5
Published
2024-07-26 05:10
Modified
2024-08-02 22:09
Severity ?
EPSS score ?
Summary
An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessive logging. This issue only affects users that use Watcher and have a Watch defined that uses the search input and additionally have set the search input’s logger to DEBUG or finer, for example using: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch.xpack.watcher.input, org.elasticsearch.xpack.watcher, or wider, since the loggers are hierarchical.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 7.0.0 ≤ Version: 8.0.0 ≤ |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49921",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-26T13:47:02.043424Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T13:47:08.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-11-2-7-17-16-security-update-esa-2023-29/349179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"lessThan": "7.17.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThan": "8.11.2",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-12-12T06:06:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessive logging. This issue only affects users that use Watcher and have a Watch defined that uses the search input and additionally have set the search input\u2019s logger to DEBUG or finer, for example using: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch.xpack.watcher.input, org.elasticsearch.xpack.watcher, or wider, since the loggers are hierarchical."
}
],
"value": "An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessive logging. This issue only affects users that use Watcher and have a Watch defined that uses the search input and additionally have set the search input\u2019s logger to DEBUG or finer, for example using: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch.xpack.watcher.input, org.elasticsearch.xpack.watcher, or wider, since the loggers are hierarchical."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T05:10:33.913Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-8-11-2-7-17-16-security-update-esa-2023-29/349179"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2023-49921",
"datePublished": "2024-07-26T05:10:33.913Z",
"dateReserved": "2023-12-02T16:06:57.309Z",
"dateUpdated": "2024-08-02T22:09:49.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22147
Vulnerability from cvelistv5
Published
2021-09-15 11:36
Modified
2024-08-03 18:37
Severity ?
EPSS score ?
Summary
Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.elastic.co/community/security/ | x_refsource_MISC | |
| https://discuss.elastic.co/t/elastic-stack-7-14-0-security-update/280344 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20211008-0002/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: versions 7.11.0 to 7.13.4 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:17.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.elastic.co/community/security/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-14-0-security-update/280344"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211008-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "versions 7.11.0 to 7.13.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-08T14:06:33",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.elastic.co/community/security/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-14-0-security-update/280344"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20211008-0002/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2021-22147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "versions 7.11.0 to 7.13.4"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732: Incorrect Permission Assignment for Critical Resource"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.elastic.co/community/security/",
"refsource": "MISC",
"url": "https://www.elastic.co/community/security/"
},
{
"name": "https://discuss.elastic.co/t/elastic-stack-7-14-0-security-update/280344",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-7-14-0-security-update/280344"
},
{
"name": "https://security.netapp.com/advisory/ntap-20211008-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20211008-0002/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2021-22147",
"datePublished": "2021-09-15T11:36:19",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:37:17.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22132
Vulnerability from cvelistv5
Published
2021-01-14 19:20
Modified
2024-08-03 18:30
Severity ?
EPSS score ?
Summary
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in the cluster. This issue is fixed in Elasticsearch 7.10.2
References
| ▼ | URL | Tags |
|---|---|---|
| https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164 | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210219-0004/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 7.7.0 to 7.10.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210219-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "7.7.0 to 7.10.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in the cluster. This issue is fixed in Elasticsearch 7.10.2"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522: Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T23:24:15",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210219-0004/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2021-22132",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "7.7.0 to 7.10.1"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in the cluster. This issue is fixed in Elasticsearch 7.10.2"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-522: Insufficiently Protected Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210219-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210219-0004/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2021-22132",
"datePublished": "2021-01-14T19:20:12",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-31419
Vulnerability from cvelistv5
Published
2023-10-26 17:06
Modified
2024-08-02 14:53
Severity ?
EPSS score ?
Summary
A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 7.0.0 ≤ Version: 8.0.0 ≤ |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:53:31.070Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-1-7-17-13-security-update/343297"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231116-0010/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"lessThan": "7.17.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThan": "8.9.0",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-09-18T20:40:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.\u003c/p\u003e\n\n\n"
}
],
"value": "A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-26T18:49:20.424Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-1-7-17-13-security-update/343297"
},
{
"url": "https://www.elastic.co/community/security"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231116-0010/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elasticsearch StackOverflow vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2023-31419",
"datePublished": "2023-10-26T17:06:14.305Z",
"dateReserved": "2023-04-27T18:54:56.704Z",
"dateUpdated": "2024-08-02T14:53:31.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22137
Vulnerability from cvelistv5
Published
2021-05-13 17:35
Modified
2024-08-03 18:30
Severity ?
EPSS score ?
Summary
In Elasticsearch versions before 7.11.2 and 6.8.15 a document disclosure flaw was found when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain cross-cluster search queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices.
References
| ▼ | URL | Tags |
|---|---|---|
| https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210625-0003/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: before 7.11.2 and 6.8.15 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210625-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "before 7.11.2 and 6.8.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Elasticsearch versions before 7.11.2 and 6.8.15 a document disclosure flaw was found when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain cross-cluster search queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-25T05:06:35",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210625-0003/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2021-22137",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "before 7.11.2 and 6.8.15"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Elasticsearch versions before 7.11.2 and 6.8.15 a document disclosure flaw was found when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain cross-cluster search queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210625-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210625-0003/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2021-22137",
"datePublished": "2021-05-13T17:35:18",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23708
Vulnerability from cvelistv5
Published
2022-03-03 21:48
Modified
2024-08-03 03:51
Severity ?
EPSS score ?
Summary
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index.
References
| ▼ | URL | Tags |
|---|---|---|
| https://discuss.elastic.co/t/elastic-stack-7-17-1-security-update/298447 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220729-0003/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | elasticsearch |
Version: Versions 7.16.0 through 7.17.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:45.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-17-1-security-update/298447"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220729-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "elasticsearch",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "Versions 7.16.0 through 7.17.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was discovered in Elasticsearch 7.17.0\u2019s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with \u201c*\u201d index permissions access to this index."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-29T19:13:54",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-17-1-security-update/298447"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220729-0003/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2022-23708",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "elasticsearch",
"version": {
"version_data": [
{
"version_value": "Versions 7.16.0 through 7.17.0"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was discovered in Elasticsearch 7.17.0\u2019s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with \u201c*\u201d index permissions access to this index."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elastic-stack-7-17-1-security-update/298447",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-7-17-1-security-update/298447"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220729-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220729-0003/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2022-23708",
"datePublished": "2022-03-03T21:48:14",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:45.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-23450
Vulnerability from cvelistv5
Published
2024-03-27 17:03
Modified
2024-08-01 23:06
Severity ?
EPSS score ?
Summary
A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch |
Version: 7.0.0 ≤ Version: 8.0.0 ≤ |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23450",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T01:36:22.850894Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T01:36:29.040Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:24.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-8-13-0-7-17-19-security-update-esa-2024-06/356314"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240517-0010/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch",
"vendor": "Elastic",
"versions": [
{
"lessThan": "7.17.19",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThan": "8.13.0",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-03-27T16:55:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash."
}
],
"value": "A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-27T17:03:48.290Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-8-13-0-7-17-19-security-update-esa-2024-06/356314"
},
{
"url": "https://www.elastic.co/community/security"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240517-0010/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elasticsearch Uncontrolled Resource Consumption vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2024-23450",
"datePublished": "2024-03-27T17:03:48.290Z",
"dateReserved": "2024-01-16T21:31:26.030Z",
"dateUpdated": "2024-08-01T23:06:24.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22144
Vulnerability from cvelistv5
Published
2021-07-26 11:48
Modified
2024-08-03 18:37
Severity ?
EPSS score ?
Summary
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
| https://discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210827-0006/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:17.733Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T23:24:18",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2021-22144",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210827-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2021-22144",
"datePublished": "2021-07-26T11:48:40",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:37:17.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46674
Vulnerability from cvelistv5
Published
2023-12-05 17:21
Modified
2024-08-28 14:26
Severity ?
EPSS score ?
Summary
An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Elastic | Elasticsearch-Hadoop |
Version: 1.3.0 Version: 8.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:21.108Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elasticsearch-hadoop-7-17-11-8-9-0-security-update-esa-2023-28/348663"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46674",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T14:22:46.987153Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T14:26:21.336Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elasticsearch-Hadoop",
"vendor": "Elastic",
"versions": [
{
"lessThan": "7.17.11",
"status": "affected",
"version": "1.3.0",
"versionType": "1.x.x"
},
{
"lessThan": "8.9.0",
"status": "affected",
"version": "8.0.0",
"versionType": "8.x.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003eAn issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003eElastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue.\u003c/span\u003e\u003c/b\u003e\u003cbr\u003e"
}
],
"value": "An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-05T17:21:59.184Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elasticsearch-hadoop-7-17-11-8-9-0-security-update-esa-2023-28/348663"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elasticsearch-hadoop Unsafe Deserialization",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2023-46674",
"datePublished": "2023-12-05T17:21:59.184Z",
"dateReserved": "2023-10-24T17:28:32.186Z",
"dateUpdated": "2024-08-28T14:26:21.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}