Filtered by vendor Elastic
Subscribe
Total
145 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-23443 | 1 Elastic | 1 Kibana | 2024-08-19 | N/A | 4.9 MEDIUM |
A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery pack. | |||||
CVE-2024-23442 | 1 Elastic | 1 Kibana | 2024-08-07 | N/A | 6.1 MEDIUM |
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL. | |||||
CVE-2023-31416 | 1 Elastic | 2 Apm Server, Elastic Cloud On Kubernetes | 2024-07-25 | N/A | 5.3 MEDIUM |
Secret token configuration is never applied when using ECK <2.8 with APM Server >=8.0. This could lead to anonymous requests to an APM Server being accepted and the data ingested into this APM deployment. | |||||
CVE-2019-7609 | 2 Elastic, Redhat | 2 Kibana, Openshift Container Platform | 2024-07-24 | 10.0 HIGH | 10.0 CRITICAL |
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system. | |||||
CVE-2023-46672 | 1 Elastic | 1 Logstash | 2024-03-21 | N/A | 5.5 MEDIUM |
An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances. The prerequisites for the manifestation of this issue are: * Logstash is configured to log in JSON format https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html , which is not the default logging format. * Sensitive data is stored in the Logstash keystore and referenced as a variable in Logstash configuration. | |||||
CVE-2023-31421 | 1 Elastic | 4 Apm Server, Elastic Agent, Elastic Beats and 1 more | 2024-02-15 | N/A | 7.5 HIGH |
It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid for the target IP address; however, certificate signature validation is still performed. More specifically, when the client is configured to connect to an IP address (instead of a hostname) it does not validate the server certificate's IP SAN values against that IP address and certificate validation fails, and therefore the connection is not blocked as expected. | |||||
CVE-2024-23448 | 1 Elastic | 1 Apm Server | 2024-02-15 | N/A | 7.5 HIGH |
An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this could lead to the insertion of sensitive or private information in the APM Server logs. | |||||
CVE-2024-23446 | 1 Elastic | 1 Kibana | 2024-02-14 | N/A | 6.5 MEDIUM |
An issue was discovered by Elastic, whereby the Detection Engine Search API does not respect Document-level security (DLS) or Field-level security (FLS) when querying the .alerts-security.alerts-{space_id} indices. Users who are authorized to call this API may obtain unauthorized access to documents if their roles are configured with DLS or FLS against the aforementioned index. | |||||
CVE-2024-23447 | 1 Elastic | 1 Network Drive Connector | 2024-02-14 | N/A | 6.5 MEDIUM |
An issue was discovered in the Windows Network Drive Connector when using Document Level Security to assign permissions to a file, with explicit allow write and deny read. Although the document is not accessible to the user in Network Drive it is visible in search applications to the user. | |||||
CVE-2020-7010 | 1 Elastic | 1 Elastic Cloud On Kubernetes | 2024-02-10 | 5.0 MEDIUM | 7.5 HIGH |
Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more easily brute force the Elasticsearch credentials generated by ECK. | |||||
CVE-2023-46673 | 1 Elastic | 1 Elasticsearch | 2024-02-05 | N/A | 7.5 HIGH |
It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API. | |||||
CVE-2021-22143 | 1 Elastic | 1 Apm .net Agent | 2024-02-05 | N/A | 4.3 MEDIUM |
The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application error it is possible the headers will not be sanitized before being sent. | |||||
CVE-2021-37937 | 1 Elastic | 1 Elasticsearch | 2024-02-05 | N/A | 8.8 HIGH |
An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server service account could escalate themselves to a super-user. | |||||
CVE-2021-22142 | 1 Elastic | 1 Kibana | 2024-02-05 | N/A | 8.8 HIGH |
Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbitrary HTML with this browser, they may be able to leverage known Chromium vulnerabilities to conduct further attacks. Kibana contains a number of protections to prevent this browser from rendering arbitrary content. | |||||
CVE-2023-6687 | 1 Elastic | 1 Elastic Agent | 2024-02-05 | N/A | 6.5 MEDIUM |
An issue was discovered by Elastic whereby Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP status code except 409 or 429. Depending on the nature of the event that Elastic Agent attempted to ingest, this could lead to the insertion of sensitive or private information in the Elastic Agent logs. Elastic has released 8.11.3 and 7.17.16 that prevents this issue by limiting these types of logs to DEBUG level logging, which is disabled by default. | |||||
CVE-2021-37942 | 1 Elastic | 1 Apm Java Agent | 2024-02-05 | N/A | 7.8 HIGH |
A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious plugin to an application running the APM Java agent. By using this vulnerability, an attacker could execute code at a potentially higher level of permissions than their user typically has access to. | |||||
CVE-2021-22151 | 1 Elastic | 1 Kibana | 2024-02-05 | N/A | 4.3 MEDIUM |
It was discovered that Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files ending in the .pbf extension. | |||||
CVE-2023-49923 | 1 Elastic | 1 Enterprise Search | 2024-02-05 | N/A | 6.5 MEDIUM |
An issue was discovered by Elastic whereby the Documents API of App Search logged the raw contents of indexed documents at INFO log level. Depending on the contents of such documents, this could lead to the insertion of sensitive or private information in the App Search logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by changing the log level at which these are logged to DEBUG, which is disabled by default. | |||||
CVE-2023-46675 | 1 Elastic | 1 Kibana | 2024-02-05 | N/A | 6.5 MEDIUM |
An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error or in the event where debug level logging is enabled in Kibana. Elastic has released Kibana 8.11.2 which resolves this issue. The messages recorded in the log may contain Account credentials for the kibana_system user, API Keys, and credentials of Kibana end-users, Elastic Security package policy objects which can contain private keys, bearer token, and sessions of 3rd-party integrations and finally Authorization headers, client secrets, local file paths, and stack traces. The issue may occur in any Kibana instance running an affected version that could potentially receive an unexpected error when communicating to Elasticsearch causing it to include sensitive data into Kibana error logs. It could also occur under specific circumstances when debug level logging is enabled in Kibana. Note: It was found that the fix for ESA-2023-25 in Kibana 8.11.1 for a similar issue was incomplete. | |||||
CVE-2023-49922 | 1 Elastic | 1 Elastic Beats | 2024-02-05 | N/A | 6.5 MEDIUM |
An issue was discovered by Elastic whereby Beats and Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP status code except 409 or 429. Depending on the nature of the event that Beats or Elastic Agent attempted to ingest, this could lead to the insertion of sensitive or private information in the Beats or Elastic Agent logs. Elastic has released 8.11.3 and 7.17.16 that prevents this issue by limiting these types of logs to DEBUG level logging, which is disabled by default. |