VYPR
Vendor

Elastic

Products
36
CVEs
258
Across products
284
Status
Private

Products

36
View all 36 products →

Recent CVEs

258
View all 258 CVEs →
  • CVE-2015-1427CriKEVFeb 17, 2015
    risk 0.87cvss 9.8epss 1.00

    The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.

  • CVE-2014-3120HigKEVJul 28, 2014
    risk 0.68cvss 8.1epss 0.89

    The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user…

  • CVE-2018-3822CriMar 30, 2018
    risk 0.64cvss 9.8epss 0.02

    X-Pack Security versions 6.2.0, 6.2.1, and 6.2.2 are vulnerable to a user impersonation attack via incorrect XML canonicalization and DOM traversal. An attacker might have been able to impersonate a legitimate user if the SAML Identity Provider allows for self registration with…

  • CVE-2024-52975CriJan 23, 2025
    risk 0.59cvss 9.0epss 0.00

    An issue was identified in Fleet Server where Fleet policies that could contain sensitive information were logged on INFO and ERROR log levels. The nature of the sensitive information largely depends on the integrations enabled.

  • CVE-2015-5377CriMar 6, 2018
    risk 0.58cvss 9.8epss 0.15

    Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability

  • CVE-2018-3831HigSep 19, 2018
    risk 0.57cvss 8.8epss 0.02

    Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens,…

  • CVE-2017-8448HigSep 29, 2017
    risk 0.57cvss 8.8epss 0.01

    An error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users mapped to certain built-in roles could create a watch that results in that user gaining elevated privileges.

  • CVE-2016-1000218HigJun 16, 2017
    risk 0.57cvss 8.8epss 0.01

    Kibana Reporting plugin version 2.4.0 is vulnerable to a CSRF vulnerability that could allow an attacker to generate superfluous reports whenever an authenticated Kibana user navigates to a specially-crafted page.

  • CVE-2017-8438HigJun 5, 2017
    risk 0.57cvss 8.8epss 0.01

    Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the run_as functionality. This bug prevents transitioning into the specified user specified in a run_as request. If a role has been created using a template that contains the _user properties,…

  • CVE-2018-3827HigSep 19, 2018
    risk 0.53cvss 8.1epss 0.01

    A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticsearch-cloud-azure) plugin. When the repository-azure plugin is set to log at TRACE level Azure credentials can be inadvertently logged.

  • CVE-2017-14730HigSep 25, 2017
    risk 0.51cvss 7.8epss 0.00

    The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has "chown -R" calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to a $LS_USER account for creation of a hard link.

  • CVE-2018-3828HigSep 19, 2018
    risk 0.49cvss 7.5epss 0.01

    Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security sensitive headers being leaked to the allocator logs. An…

  • CVE-2015-4165HigAug 9, 2017
    risk 0.49cvss 7.5epss 0.04

    The snapshot API in Elasticsearch before 1.6.0 when another application exists on the system that can read Lucene files and execute code from them, is accessible by the attacker, and the Java VM on which Elasticsearch is running can write to a location that the other application…

  • CVE-2015-5378HigJun 27, 2017
    risk 0.49cvss 7.5epss 0.02

    Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications between Logstash Forwarder agent and Logstash server.

  • CVE-2017-8452HigJun 16, 2017
    risk 0.49cvss 7.5epss 0.01

    Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.

  • CVE-2017-8450HigJun 16, 2017
    risk 0.49cvss 7.5epss 0.01

    X-Pack 5.1.1 did not properly apply document and field level security to multi-search and multi-get requests so users without access to a document and/or field may have been able to access this information.

  • CVE-2016-10363HigJun 16, 2017
    risk 0.49cvss 7.5epss 0.01

    Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled…

  • CVE-2016-1000222HigJun 16, 2017
    risk 0.49cvss 7.5epss 0.01

    Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will create malicious formulas in the CSV data.

  • CVE-2016-1000219HigJun 16, 2017
    risk 0.49cvss 7.5epss 0.02

    Kibana before 4.5.4 and 4.1.11 when a custom output is configured for logging in, cookies and authorization headers could be written to the log files. This information could be used to hijack sessions of other users when using Kibana behind some form of authentication such as…

  • CVE-2026-33466HigApr 8, 2026
    risk 0.46cvss 8.1epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory (CWE-22) in Logstash can lead to arbitrary file write and potentially remote code execution via Relative Path Traversal (CAPEC-139). The archive extraction utilities used by Logstash do not properly validate file paths…