The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Elasticsearch

vulnerability note 29204

Elasticsearch: information disclosure via Opt-out Query Cache

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Opt-out Query Cache of Elasticsearch, in order to obtain sensitive information.
Impacted products: Elasticsearch.
Severity: 1/4.
Consequences: data reading.
Provenance: user account.
Creation date: 02/05/2019.
Identifiers: VIGILANCE-VUL-29204.

Description of the vulnerability

An attacker can bypass access restrictions to data via Opt-out Query Cache of Elasticsearch, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2019-7611

Elasticsearch: privilege escalation via Restricted Index

Synthesis of the vulnerability

An attacker can bypass restrictions via Restricted Index of Elasticsearch, in order to escalate his privileges.
Impacted products: Elasticsearch.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights.
Provenance: user account.
Creation date: 20/02/2019.
Identifiers: CVE-2019-7611, ESA-2019-04, VIGILANCE-VUL-28565.

Description of the vulnerability

An attacker can bypass restrictions via Restricted Index of Elasticsearch, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2018-17247

Elasticsearch: external XML entity injection via find_file_structure API

Synthesis of the vulnerability

An attacker can transmit malicious XML data via find_file_structure API to Elasticsearch, in order to read a file, scan sites, or trigger a denial of service.
Impacted products: Elasticsearch.
Severity: 2/4.
Consequences: data reading, denial of service on service.
Provenance: document.
Creation date: 06/12/2018.
Identifiers: CVE-2018-17247, VIGILANCE-VUL-27969.

Description of the vulnerability

An attacker can transmit malicious XML data via find_file_structure API to Elasticsearch, in order to read a file, scan sites, or trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2018-17244

Elasticsearch: information disclosure via User Data Caching

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via User Data Caching of Elasticsearch, in order to obtain sensitive information.
Impacted products: Elasticsearch.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet client.
Creation date: 07/11/2018.
Identifiers: CVE-2018-17244, VIGILANCE-VUL-27713.

Description of the vulnerability

An attacker can bypass access restrictions to data via User Data Caching of Elasticsearch, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2018-3831

Elasticsearch: information disclosure via _cluster/settings API

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via _cluster/settings API of Elasticsearch, in order to obtain sensitive information.
Impacted products: Elasticsearch.
Severity: 2/4.
Consequences: data reading.
Provenance: user account.
Creation date: 19/09/2018.
Identifiers: CVE-2018-3831, VIGILANCE-VUL-27266.

Description of the vulnerability

An attacker can bypass access restrictions to data via _cluster/settings API of Elasticsearch, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 26642

Elasticsearch: information disclosure via Remote Cluster Thread Context

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Remote Cluster Thread Context of Elasticsearch, in order to obtain sensitive information.
Impacted products: Elasticsearch.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet client.
Creation date: 06/07/2018.
Identifiers: VIGILANCE-VUL-26642.

Description of the vulnerability

An attacker can bypass access restrictions to data via Remote Cluster Thread Context of Elasticsearch, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2018-3827

Elasticsearch: information disclosure via repository-azure

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via repository-azure of Elasticsearch, in order to obtain sensitive information.
Impacted products: Elasticsearch.
Severity: 2/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 14/06/2018.
Identifiers: CVE-2018-3827, VIGILANCE-VUL-26431.

Description of the vulnerability

An attacker can bypass access restrictions to data via repository-azure of Elasticsearch, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2018-3826

Elasticsearch: information disclosure via _snapshot API

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via _snapshot API of Elasticsearch, in order to obtain sensitive information.
Impacted products: Elasticsearch.
Severity: 2/4.
Consequences: data reading.
Provenance: user account.
Creation date: 14/06/2018.
Identifiers: CVE-2018-3826, ESA-2018-10, VIGILANCE-VUL-26430.

Description of the vulnerability

An attacker can bypass access restrictions to data via _snapshot API of Elasticsearch, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2018-3823 CVE-2018-3824

Elasticsearch: Cross Site Scripting via X-Pack Machine Learning

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via X-Pack Machine Learning of Elasticsearch, in order to run JavaScript code in the context of the web site.
Impacted products: Elasticsearch.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 18/04/2018.
Identifiers: CVE-2018-3823, CVE-2018-3824, VIGILANCE-VUL-25908.

Description of the vulnerability

The Elasticsearch product offers a web service.

However, it does not filter received data via X-Pack Machine Learning before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via X-Pack Machine Learning of Elasticsearch, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2018-3822

X-Pack Security: privilege escalation via XML Canonicalization

Synthesis of the vulnerability

An attacker can bypass restrictions via XML Canonicalization of X-Pack Security, in order to escalate his privileges.
Impacted products: Elasticsearch.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights.
Provenance: user account.
Creation date: 21/03/2018.
Identifiers: CVE-2018-3822, VIGILANCE-VUL-25613.

Description of the vulnerability

An attacker can bypass restrictions via XML Canonicalization of X-Pack Security, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Elasticsearch: