GSD-2020-7021
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-7021",
"description": "Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details.",
"id": "GSD-2020-7021",
"references": [
"https://www.suse.com/security/cve/CVE-2020-7021.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-7021"
],
"details": "Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details.",
"id": "GSD-2020-7021",
"modified": "2023-12-13T01:21:52.166236Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Elasticsearch",
"version": {
"version_data": [
{
"version_value": "before 7.10.0 and 6.8.14"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532: Insertion of Sensitive Information into Log File"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210319-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210319-0003/"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,6.8.13],[7.0.0,7.0.9]",
"affected_versions": "All versions up to 6.8.13, all versions starting from 7.0.0 up to 7.0.9",
"cvss_v2": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-532",
"CWE-937"
],
"date": "2022-06-23",
"description": "Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details.",
"fixed_versions": [
"6.8.14",
"7.10.0"
],
"identifier": "CVE-2020-7021",
"identifiers": [
"GHSA-cqgv-256r-m9r8",
"CVE-2020-7021"
],
"not_impacted": "All versions after 6.8.13 before 7.0.0, all versions after 7.0.9",
"package_slug": "maven/org.elasticsearch/elasticsearch",
"pubdate": "2022-05-24",
"solution": "Upgrade to versions 6.8.14, 7.10.0 or above.",
"title": "Insertion of Sensitive Information into Log File",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-7021",
"https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915",
"https://security.netapp.com/advisory/ntap-20210319-0003/",
"https://github.com/advisories/GHSA-cqgv-256r-m9r8"
],
"uuid": "122fa704-8d46-410a-808a-e243650a8d66"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.8.14",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.10.0",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2020-7021"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210319-0003/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210319-0003/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
},
"lastModifiedDate": "2021-03-26T12:49Z",
"publishedDate": "2021-02-10T19:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…