Filtered by vendor Elastic
Subscribe
Total
115 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-10366 | 1 Elastic | 1 Kibana | 2020-08-14 | 4.3 MEDIUM | 6.1 MEDIUM |
Kibana versions after and including 4.3 and before 4.6.2 are vulnerable to a cross-site scripting (XSS) attack. | |||||
CVE-2016-1000219 | 1 Elastic | 1 Kibana | 2020-08-14 | 5.0 MEDIUM | 7.5 HIGH |
Kibana before 4.5.4 and 4.1.11 when a custom output is configured for logging in, cookies and authorization headers could be written to the log files. This information could be used to hijack sessions of other users when using Kibana behind some form of authentication such as Shield. | |||||
CVE-2020-7014 | 1 Elastic | 1 Elasticsearch | 2020-06-19 | 6.5 MEDIUM | 8.8 HIGH |
The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges. | |||||
CVE-2020-7010 | 1 Elastic | 1 Elastic Cloud On Kubernetes | 2020-06-05 | 5.0 MEDIUM | 7.5 HIGH |
Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more easily brute force the Elasticsearch credentials generated by ECK. | |||||
CVE-2020-7011 | 1 Elastic | 1 Elastic App Search | 2020-06-05 | 4.3 MEDIUM | 6.1 MEDIUM |
Elastic App Search versions before 7.7.0 contain a cross site scripting (XSS) flaw when displaying document URLs in the Reference UI. If the Reference UI injects a URL into a result, that URL will be rendered by the web browser. If an attacker is able to control the contents of such a field, they could execute arbitrary JavaScript in the victim�s web browser. | |||||
CVE-2020-7009 | 1 Elastic | 1 Elasticsearch | 2020-04-09 | 6.5 MEDIUM | 8.8 HIGH |
Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges. | |||||
CVE-2018-3831 | 1 Elastic | 1 Elasticsearch | 2020-04-07 | 4.0 MEDIUM | 8.8 HIGH |
Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details. | |||||
CVE-2019-7617 | 1 Elastic | 1 Apm Agent | 2019-10-09 | 6.4 MEDIUM | 7.2 HIGH |
When the Elastic APM agent for Python versions before 5.1.0 is run as a CGI script, there is a variable name clash flaw if a remote attacker can control the proxy header. This could result in an attacker redirecting collected APM data to a proxy of their choosing. | |||||
CVE-2018-3828 | 1 Elastic | 1 Elastic Cloud Enterprise | 2019-10-09 | 3.5 LOW | 7.5 HIGH |
Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security sensitive headers being leaked to the allocator logs. An attacker with access to the logging cluster may obtain leaked credentials and perform authenticated actions using these credentials. | |||||
CVE-2018-3822 | 1 Elastic | 1 X-pack | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
X-Pack Security versions 6.2.0, 6.2.1, and 6.2.2 are vulnerable to a user impersonation attack via incorrect XML canonicalization and DOM traversal. An attacker might have been able to impersonate a legitimate user if the SAML Identity Provider allows for self registration with arbitrary identifiers and the attacker can register an account which an identifier that shares a suffix with a legitimate account. Both of those conditions must be true in order to exploit this flaw. | |||||
CVE-2018-3817 | 1 Elastic | 1 Logstash | 2019-10-09 | 4.0 MEDIUM | 6.5 MEDIUM |
When logging warnings regarding deprecated settings, Logstash before 5.6.6 and 6.x before 6.1.2 could inadvertently log sensitive information. | |||||
CVE-2018-3826 | 1 Elastic | 1 Elasticsearch | 2019-10-09 | 4.0 MEDIUM | 6.5 MEDIUM |
In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API. When the access_key and security_key parameters are set using the _snapshot API they can be exposed as plain text by users able to query the _snapshot API. | |||||
CVE-2018-3825 | 1 Elastic | 1 Elastic Cloud Enterprise | 2019-10-09 | 4.3 MEDIUM | 5.9 MEDIUM |
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default master encryption key is used in the process of granting ZooKeeper access to Elasticsearch clusters. Unless explicitly overwritten, this master key is predictable across all ECE deployments. If an attacker can connect to ZooKeeper directly they would be able to access configuration information of other tenants if their cluster ID is known. | |||||
CVE-2018-3824 | 1 Elastic | 3 Elasticsearch X-pack, Kibana X-pack, Logstash X-pack | 2019-10-09 | 4.3 MEDIUM | 6.1 MEDIUM |
X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-site scripting (XSS) vulnerability. If an attacker is able to inject data into an index that has a ML job running against it, then when another user views the results of the ML job it could allow the attacker to obtain sensitive information from or perform destructive actions on behalf of that other ML user. | |||||
CVE-2018-17247 | 1 Elastic | 1 Elasticsearch | 2019-10-09 | 4.3 MEDIUM | 5.9 MEDIUM |
Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's find_file_structure API. If a policy allowing external network access has been added to Elasticsearch's Java Security Manager then an attacker could send a specially crafted request capable of leaking content of local files on the Elasticsearch node. This could allow a user to access information that they should not have access to. | |||||
CVE-2018-17244 | 1 Elastic | 1 Elasticsearch | 2019-10-09 | 4.0 MEDIUM | 6.5 MEDIUM |
Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; when used with run as, this can result in the request running as the incorrect user. This could allow a user to access information that they should not have access to. | |||||
CVE-2017-8438 | 1 Elastic | 1 X-pack | 2019-10-09 | 6.5 MEDIUM | 8.8 HIGH |
Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the run_as functionality. This bug prevents transitioning into the specified user specified in a run_as request. If a role has been created using a template that contains the _user properties, the behavior of run_as will be incorrect. Additionally if the run_as user specified does not exist, the transition will not happen. | |||||
CVE-2017-8445 | 1 Elastic | 1 X-pack | 2019-10-09 | 2.1 LOW | 5.5 MEDIUM |
An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If reloading the trust material fails the trust manager will be replaced with an instance that trusts all certificates. This could allow any node using any certificate to join a cluster. The proper behavior in this instance is for the TLS trust manager to deny all certificates. | |||||
CVE-2017-8442 | 1 Elastic | 1 X-pack | 2019-10-09 | 4.0 MEDIUM | 6.5 MEDIUM |
Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, can result in the Elasticsearch _nodes API leaking sensitive configuration information, such as the paths and passphrases of SSL keys that were configured as part of an authentication realm. This could allow an authenticated Elasticsearch user to improperly view these details. | |||||
CVE-2017-8441 | 1 Elastic | 1 X-pack | 2019-10-09 | 4.0 MEDIUM | 4.3 MEDIUM |
Elastic X-Pack Security versions prior to 5.4.1 and 5.3.3 did not always correctly apply Document Level Security to index aliases. This bug could allow a user with restricted permissions to view data they should not have access to when performing certain operations against an index alias. |