Filtered by vendor Elastic
Subscribe
Total
145 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37280 | 1 Elastic | 1 Elasticsearch | 2024-10-03 | N/A | 4.9 MEDIUM |
| A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of Service. Note that passthrough fields is an experimental feature. | |||||
| CVE-2024-37279 | 1 Elastic | 1 Kibana | 2024-10-03 | N/A | 4.3 MEDIUM |
| A flaw was discovered in Kibana, allowing view-only users of alerting to use the run_soon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries. | |||||
| CVE-2024-37288 | 1 Elastic | 1 Kibana | 2024-09-16 | N/A | 8.8 HIGH |
| A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. This issue only affects users that use Elastic Security’s built-in AI tools https://www.elastic.co/guide/en/security/current/ai-for-security.html and have configured an Amazon Bedrock connector https://www.elastic.co/guide/en/security/current/assistant-connect-to-bedrock.html . | |||||
| CVE-2024-37286 | 1 Elastic | 1 Apm Server | 2024-09-11 | N/A | 6.5 MEDIUM |
| APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively logged. | |||||
| CVE-2023-49921 | 1 Elastic | 1 Elasticsearch | 2024-09-11 | N/A | 6.5 MEDIUM |
| An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessive logging. This issue only affects users that use Watcher and have a Watch defined that uses the search input and additionally have set the search input’s logger to DEBUG or finer, for example using: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch.xpack.watcher.input, org.elasticsearch.xpack.watcher, or wider, since the loggers are hierarchical. | |||||
| CVE-2024-37287 | 1 Elastic | 1 Kibana | 2024-08-22 | N/A | 7.2 HIGH |
| A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML and Alerting connector features, as well as write access to internal ML indices can trigger a prototype pollution vulnerability, ultimately leading to arbitrary code execution. | |||||
| CVE-2024-23443 | 1 Elastic | 1 Kibana | 2024-08-19 | N/A | 4.9 MEDIUM |
| A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery pack. | |||||
| CVE-2024-23442 | 1 Elastic | 1 Kibana | 2024-08-07 | N/A | 6.1 MEDIUM |
| An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL. | |||||
| CVE-2015-5377 | 1 Elastic | 1 Elasticsearch | 2024-08-06 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability. | |||||
| CVE-2023-31416 | 1 Elastic | 2 Apm Server, Elastic Cloud On Kubernetes | 2024-07-25 | N/A | 5.3 MEDIUM |
| Secret token configuration is never applied when using ECK <2.8 with APM Server >=8.0. This could lead to anonymous requests to an APM Server being accepted and the data ingested into this APM deployment. | |||||
| CVE-2019-7609 | 2 Elastic, Redhat | 2 Kibana, Openshift Container Platform | 2024-07-24 | 10.0 HIGH | 10.0 CRITICAL |
| Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system. | |||||
| CVE-2015-1427 | 2 Elastic, Redhat | 2 Elasticsearch, Fuse | 2024-07-16 | 7.5 HIGH | 9.8 CRITICAL |
| The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script. | |||||
| CVE-2023-46672 | 1 Elastic | 1 Logstash | 2024-03-21 | N/A | 5.5 MEDIUM |
| An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances. The prerequisites for the manifestation of this issue are: * Logstash is configured to log in JSON format https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html , which is not the default logging format. * Sensitive data is stored in the Logstash keystore and referenced as a variable in Logstash configuration. | |||||
| CVE-2023-31421 | 1 Elastic | 4 Apm Server, Elastic Agent, Elastic Beats and 1 more | 2024-02-15 | N/A | 7.5 HIGH |
| It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid for the target IP address; however, certificate signature validation is still performed. More specifically, when the client is configured to connect to an IP address (instead of a hostname) it does not validate the server certificate's IP SAN values against that IP address and certificate validation fails, and therefore the connection is not blocked as expected. | |||||
| CVE-2024-23448 | 1 Elastic | 1 Apm Server | 2024-02-15 | N/A | 7.5 HIGH |
| An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this could lead to the insertion of sensitive or private information in the APM Server logs. | |||||
| CVE-2024-23446 | 1 Elastic | 1 Kibana | 2024-02-14 | N/A | 6.5 MEDIUM |
| An issue was discovered by Elastic, whereby the Detection Engine Search API does not respect Document-level security (DLS) or Field-level security (FLS) when querying the .alerts-security.alerts-{space_id} indices. Users who are authorized to call this API may obtain unauthorized access to documents if their roles are configured with DLS or FLS against the aforementioned index. | |||||
| CVE-2024-23447 | 1 Elastic | 1 Network Drive Connector | 2024-02-14 | N/A | 6.5 MEDIUM |
| An issue was discovered in the Windows Network Drive Connector when using Document Level Security to assign permissions to a file, with explicit allow write and deny read. Although the document is not accessible to the user in Network Drive it is visible in search applications to the user. | |||||
| CVE-2020-7010 | 1 Elastic | 1 Elastic Cloud On Kubernetes | 2024-02-10 | 5.0 MEDIUM | 7.5 HIGH |
| Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more easily brute force the Elasticsearch credentials generated by ECK. | |||||
| CVE-2023-46673 | 1 Elastic | 1 Elasticsearch | 2024-02-05 | N/A | 7.5 HIGH |
| It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API. | |||||
| CVE-2021-22143 | 1 Elastic | 1 Apm .net Agent | 2024-02-05 | N/A | 4.3 MEDIUM |
| The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application error it is possible the headers will not be sanitized before being sent. | |||||