VYPR

Vendor CVEs

Elastic

All CVEs

258 total · sorted by risk
  • CVE-2024-37282Jun 28, 2024
    risk 0.00cvss epss 0.01

    It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated privileges.

  • CVE-2024-23443Jun 19, 2024
    risk 0.00cvss epss 0.02

    A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery pack.

  • CVE-2024-23442Jun 14, 2024
    risk 0.00cvss epss 0.00

    An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.

  • CVE-2024-37279Jun 13, 2024
    risk 0.00cvss epss 0.00

    A flaw was discovered in Kibana, allowing view-only users of alerting to use the run_soon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries.

  • CVE-2024-37280Jun 13, 2024
    risk 0.00cvss epss 0.01

    A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and…

  • CVE-2024-23445Jun 12, 2024
    risk 0.00cvss epss 0.00

    It was identified that if a cross-cluster API key https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body  restricts search for a given index using the query or the…

  • CVE-2024-23449Mar 29, 2024
    risk 0.00cvss epss 0.01

    An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF…

  • CVE-2024-23451Mar 27, 2024
    risk 0.00cvss epss 0.00

    Incorrect Authorization issue exists in the API key based security model for Remote Cluster Security, which is currently in Beta, in Elasticsearch 8.10.0 and before 8.13.0. This allows a malicious user with a valid API key for a remote cluster configured to use the new Remote…

  • CVE-2024-23450Mar 27, 2024
    risk 0.00cvss epss 0.01

    A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash.

  • CVE-2024-23448Feb 7, 2024
    risk 0.00cvss epss 0.01

    An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted…

  • CVE-2024-23447Feb 7, 2024
    risk 0.00cvss epss 0.00

    An issue was discovered in the Windows Network Drive Connector when using Document Level Security to assign permissions to a file, with explicit allow write and deny read. Although the document is not accessible to the user in Network Drive it is visible in search applications…

  • CVE-2024-23446Feb 7, 2024
    risk 0.00cvss epss 0.01

    An issue was discovered by Elastic, whereby the Detection Engine Search API does not respect Document-level security (DLS) or Field-level security (FLS) when querying the .alerts-security.alerts-{space_id} indices. Users who are authorized to call this API may obtain…

  • CVE-2023-46675Dec 13, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error or in the event where debug level logging is enabled in Kibana. Elastic has released Kibana 8.11.2 which resolves this issue. The messages recorded in the log…

  • CVE-2023-46671Dec 13, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error. Elastic has released Kibana 8.11.1 which resolves this issue. The error message recorded in the log may contain account credentials for the kibana_system…

  • CVE-2023-6687Dec 12, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered by Elastic whereby Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP status code except 409 or 429. Depending on the nature of the event that Elastic Agent…

  • CVE-2023-49922Dec 12, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered by Elastic whereby Beats and Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP status code except 409 or 429. Depending on the nature of the event that Beats or…

  • CVE-2023-49923Dec 12, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered by Elastic whereby the Documents API of App Search logged the raw contents of indexed documents at INFO log level. Depending on the contents of such documents, this could lead to the insertion of sensitive or private information in the App Search logs.…

  • CVE-2023-46674Dec 5, 2023
    risk 0.00cvss epss 0.00

    An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue.

  • CVE-2023-46673Nov 22, 2023
    risk 0.00cvss epss 0.01

    It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.

  • CVE-2021-37937Nov 22, 2023
    risk 0.00cvss epss 0.01

    An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server…

  • CVE-2021-37942Nov 22, 2023
    risk 0.00cvss epss 0.00

    A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious plugin to an application running the APM Java agent. By using this vulnerability, an attacker could execute code at a potentially higher level of permissions…

  • CVE-2021-22143Nov 22, 2023
    risk 0.00cvss epss 0.01

    The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application error it is…

  • CVE-2021-22142Nov 22, 2023
    risk 0.00cvss epss 0.01

    Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbitrary HTML with this browser, they may be able to leverage known Chromium…

  • CVE-2021-22151Nov 22, 2023
    risk 0.00cvss epss 0.01

    It was discovered that Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files ending in the .pbf extension.

  • CVE-2021-22150Nov 22, 2023
    risk 0.00cvss epss 0.01

    It was discovered that a user with Fleet admin permissions could upload a malicious package. Due to using an older version of the js-yaml library, this package would be loaded in an insecure manner, allowing an attacker to execute commands on the Kibana server.

  • CVE-2023-46672Nov 15, 2023
    risk 0.00cvss epss 0.00

    An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances. The prerequisites for the manifestation of this issue are: * Logstash is configured to log in JSON format https://www.elastic.co/guide/en/logstash/cur…

  • CVE-2023-31416Oct 26, 2023
    risk 0.00cvss epss 0.00

    Secret token configuration is never applied when using ECK <2.8 with APM Server >=8.0. This could lead to anonymous requests to an APM Server being accepted and the data ingested into this APM deployment.

  • CVE-2023-31417Oct 26, 2023
    risk 0.00cvss epss 0.00

    Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information…

  • CVE-2023-31418Oct 26, 2023
    risk 0.00cvss epss 0.01

    An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by…

  • CVE-2023-46666Oct 26, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered when using Document Level Security and the SPO "Limited Access" functionality in Elastic Sharepoint Online Python Connector. If a user is assigned limited access permissions to an item on a Sharepoint site then that user would have read permissions to all…

  • CVE-2023-31421Oct 26, 2023
    risk 0.00cvss epss 0.00

    It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid for the target IP address; however, certificate signature validation is still performed. More specifically, when the…

  • CVE-2023-31422Oct 26, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered by Elastic whereby sensitive information is recorded in Kibana logs in the event of an error. The issue impacts only Kibana version 8.10.0 when logging in the JSON layout or when the pattern layout is configured to log the %meta pattern. Elastic has…

  • CVE-2023-46667Oct 26, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where Agent enrolment tokens are being inserted into the Fleet Server’s log file in plain text. These enrolment tokens could allow someone to enrol an agent into an agent policy, and potentially use that to…

  • CVE-2023-46668Oct 25, 2023
    risk 0.00cvss epss 0.00

    If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed…

  • CVE-2023-32764Aug 3, 2023
    risk 0.00cvss epss 0.00

    Fabasoft Cloud Enterprise Client 23.3.0.130 allows a user to escalate their privileges to local administrator.

  • CVE-2023-31414May 4, 2023
    risk 0.00cvss epss 0.01

    Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code execution flaw. An attacker with write access to Kibana yaml or env configuration could add a specific payload that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands…

  • CVE-2023-31413May 4, 2023
    risk 0.00cvss epss 0.00

    Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled.

  • CVE-2023-31415May 4, 2023
    risk 0.00cvss epss 0.01

    Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system…

  • CVE-2022-38779Feb 21, 2023
    risk 0.00cvss epss 0.01

    An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.

  • CVE-2022-38778Feb 8, 2023
    risk 0.00cvss epss 0.01

    A flaw (CVE-2022-38900) was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process.

  • CVE-2022-38777Feb 8, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

  • CVE-2022-38774Jan 24, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

  • CVE-2022-38775Jan 24, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

  • CVE-2021-22141Nov 18, 2022
    risk 0.00cvss epss 0.01

    An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16. If a logged in user visits a maliciously crafted URL, it could result in Kibana redirecting the user to an arbitrary website.

  • CVE-2021-37936Nov 18, 2022
    risk 0.00cvss epss 0.00

    It was discovered that Kibana was not sanitizing document fields containing HTML snippets. Using this vulnerability, an attacker with the ability to write documents to an elasticsearch index could inject HTML. When the Discover app highlighted a search term containing the HTML,…

  • CVE-2022-23716Sep 28, 2022
    risk 0.00cvss epss 0.01

    A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.

  • CVE-2022-29908Sep 19, 2022
    risk 0.00cvss epss 0.00

    The folioupdate service in Fabasoft Cloud Enterprise Client 22.4.0043 allows Local Privilege Escalation.

  • CVE-2022-36670Sep 6, 2022
    risk 0.00cvss epss 0.00

    PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable.

  • CVE-2022-23715Aug 25, 2022
    risk 0.00cvss epss 0.01

    A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are…

  • CVE-2022-23744Jul 7, 2022
    risk 0.00cvss epss 0.04

    Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.

Page 4 of 6