Vendor CVEs
Elastic
All CVEs
258 total · sorted by risk

| CVE | Risk | CVSS | EPSS | Published | Description | Vendor / Product | Sev | KEV |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-37282 | 0.00 | — | 0.01 | Jun 28, 2024 | It was identified that under certain specific preconditions, an API key that was originally created with specific privileges could be subsequently used to create new API keys that have elevated privileges. | |||
| CVE-2024-23443 | 0.00 | — | 0.02 | Jun 19, 2024 | A high-privileged user, allowed to create custom osquery packs, could affect the availability of Kibana by uploading a maliciously crafted osquery pack. | |||
| CVE-2024-23442 | 0.00 | — | 0.00 | Jun 14, 2024 | An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL. | |||
| CVE-2024-37279 | 0.00 | — | 0.00 | Jun 13, 2024 | A flaw was discovered in Kibana, allowing view-only users of alerting to use the run_soon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries. | |||
| CVE-2024-37280 | 0.00 | — | 0.01 | Jun 13, 2024 | A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and… | |||
| CVE-2024-23445 | 0.00 | — | 0.00 | Jun 12, 2024 | It was identified that if a cross-cluster API key https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body restricts search for a given index using the query or the… | |||
| CVE-2024-23449 | 0.00 | — | 0.01 | Mar 29, 2024 | An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF… | |||
| CVE-2024-23451 | 0.00 | — | 0.00 | Mar 27, 2024 | Incorrect Authorization issue exists in the API key based security model for Remote Cluster Security, which is currently in Beta, in Elasticsearch 8.10.0 and before 8.13.0. This allows a malicious user with a valid API key for a remote cluster configured to use the new Remote… | |||
| CVE-2024-23450 | 0.00 | — | 0.01 | Mar 27, 2024 | A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash. | |||
| CVE-2024-23448 | 0.00 | — | 0.01 | Feb 7, 2024 | An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted… | |||
| CVE-2024-23447 | 0.00 | — | 0.00 | Feb 7, 2024 | An issue was discovered in the Windows Network Drive Connector when using Document Level Security to assign permissions to a file, with explicit allow write and deny read. Although the document is not accessible to the user in Network Drive it is visible in search applications… | |||
| CVE-2024-23446 | 0.00 | — | 0.01 | Feb 7, 2024 | An issue was discovered by Elastic, whereby the Detection Engine Search API does not respect Document-level security (DLS) or Field-level security (FLS) when querying the .alerts-security.alerts-{space_id} indices. Users who are authorized to call this API may obtain… | |||
| CVE-2023-46675 | 0.00 | — | 0.01 | Dec 13, 2023 | An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error or in the event where debug level logging is enabled in Kibana. Elastic has released Kibana 8.11.2 which resolves this issue. The messages recorded in the log… | |||
| CVE-2023-46671 | 0.00 | — | 0.01 | Dec 13, 2023 | An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error. Elastic has released Kibana 8.11.1 which resolves this issue. The error message recorded in the log may contain account credentials for the kibana_system… | |||
| CVE-2023-6687 | 0.00 | — | 0.01 | Dec 12, 2023 | An issue was discovered by Elastic whereby Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP status code except 409 or 429. Depending on the nature of the event that Elastic Agent… | |||
| CVE-2023-49922 | 0.00 | — | 0.01 | Dec 12, 2023 | An issue was discovered by Elastic whereby Beats and Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP status code except 409 or 429. Depending on the nature of the event that Beats or… | |||
| CVE-2023-49923 | 0.00 | — | 0.01 | Dec 12, 2023 | An issue was discovered by Elastic whereby the Documents API of App Search logged the raw contents of indexed documents at INFO log level. Depending on the contents of such documents, this could lead to the insertion of sensitive or private information in the App Search logs.… | |||
| CVE-2023-46674 | 0.00 | — | 0.00 | Dec 5, 2023 | An issue was identified that allowed the unsafe deserialization of Java objects from Hadoop or Spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services, for reporting this issue. | |||
| CVE-2023-46673 | 0.00 | — | 0.01 | Nov 22, 2023 | It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API. | |||
| CVE-2021-37937 | 0.00 | — | 0.01 | Nov 22, 2023 | An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server… | |||
| CVE-2021-37942 | 0.00 | — | 0.00 | Nov 22, 2023 | A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious plugin to an application running the APM Java agent. By using this vulnerability, an attacker could execute code at a potentially higher level of permissions… | |||
| CVE-2021-22143 | 0.00 | — | 0.01 | Nov 22, 2023 | The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application error it is… | |||
| CVE-2021-22142 | 0.00 | — | 0.01 | Nov 22, 2023 | Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbitrary HTML with this browser, they may be able to leverage known Chromium… | |||
| CVE-2021-22151 | 0.00 | — | 0.01 | Nov 22, 2023 | It was discovered that Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files ending in the .pbf extension. | |||
| CVE-2021-22150 | 0.00 | — | 0.01 | Nov 22, 2023 | It was discovered that a user with Fleet admin permissions could upload a malicious package. Due to using an older version of the js-yaml library, this package would be loaded in an insecure manner, allowing an attacker to execute commands on the Kibana server. | |||
| CVE-2023-46672 | 0.00 | — | 0.00 | Nov 15, 2023 | An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances. The prerequisites for the manifestation of this issue are: * Logstash is configured to log in JSON format https://www.elastic.co/guide/en/logstash/cur… | |||
| CVE-2023-31416 | 0.00 | — | 0.00 | Oct 26, 2023 | Secret token configuration is never applied when using ECK <2.8 with APM Server >=8.0. This could lead to anonymous requests to an APM Server being accepted and the data ingested into this APM deployment. | |||
| CVE-2023-31417 | 0.00 | — | 0.00 | Oct 26, 2023 | Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information… | |||
| CVE-2023-31418 | 0.00 | — | 0.01 | Oct 26, 2023 | An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by… | |||
| CVE-2023-46666 | 0.00 | — | 0.00 | Oct 26, 2023 | An issue was discovered when using Document Level Security and the SPO "Limited Access" functionality in Elastic Sharepoint Online Python Connector. If a user is assigned limited access permissions to an item on a Sharepoint site then that user would have read permissions to all… | |||
| CVE-2023-31421 | 0.00 | — | 0.00 | Oct 26, 2023 | It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid for the target IP address; however, certificate signature validation is still performed. More specifically, when the… | |||
| CVE-2023-31422 | 0.00 | — | 0.01 | Oct 26, 2023 | An issue was discovered by Elastic whereby sensitive information is recorded in Kibana logs in the event of an error. The issue impacts only Kibana version 8.10.0 when logging in the JSON layout or when the pattern layout is configured to log the %meta pattern. Elastic has… | |||
| CVE-2023-46667 | 0.00 | — | 0.00 | Oct 26, 2023 | An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where Agent enrolment tokens are being inserted into the Fleet Server’s log file in plain text. These enrolment tokens could allow someone to enrol an agent into an agent policy, and potentially use that to… | |||
| CVE-2023-46668 | 0.00 | — | 0.00 | Oct 25, 2023 | If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed… | |||
| CVE-2023-32764 | 0.00 | — | 0.00 | Aug 3, 2023 | Fabasoft Cloud Enterprise Client 23.3.0.130 allows a user to escalate their privileges to local administrator. | |||
| CVE-2023-31414 | 0.00 | — | 0.01 | May 4, 2023 | Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code execution flaw. An attacker with write access to Kibana yaml or env configuration could add a specific payload that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands… | |||
| CVE-2023-31413 | 0.00 | — | 0.00 | May 4, 2023 | Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled. | |||
| CVE-2023-31415 | 0.00 | — | 0.01 | May 4, 2023 | Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system… | |||
| CVE-2022-38779 | 0.00 | — | 0.01 | Feb 21, 2023 | An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL. | |||
| CVE-2022-38778 | 0.00 | — | 0.01 | Feb 8, 2023 | A flaw (CVE-2022-38900) was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process. | |||
| CVE-2022-38777 | 0.00 | — | 0.00 | Feb 8, 2023 | An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account. | |||
| CVE-2022-38774 | 0.00 | — | 0.00 | Jan 24, 2023 | An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account. | |||
| CVE-2022-38775 | 0.00 | — | 0.00 | Jan 24, 2023 | An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account. | |||
| CVE-2021-22141 | 0.00 | — | 0.01 | Nov 18, 2022 | An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16. If a logged in user visits a maliciously crafted URL, it could result in Kibana redirecting the user to an arbitrary website. | |||
| CVE-2021-37936 | 0.00 | — | 0.00 | Nov 18, 2022 | It was discovered that Kibana was not sanitizing document fields containing HTML snippets. Using this vulnerability, an attacker with the ability to write documents to an Elasticsearch index could inject HTML. When the Discover app highlighted a search term containing the HTML,… | |||
| CVE-2022-23716 | 0.00 | — | 0.01 | Sep 28, 2022 | A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster. | |||
| CVE-2022-29908 | 0.00 | — | 0.00 | Sep 19, 2022 | The folioupdate service in Fabasoft Cloud Enterprise Client 22.4.0043 allows Local Privilege Escalation. | |||
| CVE-2022-36670 | 0.00 | — | 0.00 | Sep 6, 2022 | PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable. | |||
| CVE-2022-23715 | 0.00 | — | 0.01 | Aug 25, 2022 | A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are… | |||
| CVE-2022-23744 | 0.00 | — | 0.04 | Jul 7, 2022 | Check Point Endpoint before version E86.50 failed to protect against a specific registry change, which allowed a local administrator to disable endpoint protection. |