Lucene search

Elasticsearch privilege escalation

🗓️ 04 Mar 2022 00:15:00Reported by GitHub Advisory DatabaseType

Elasticsearch privilege escalation from 6.x to 7.

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 14
RedhatCVE	CVE-2022-23708	21 Mar 202216:34	–	redhatcve
Prion	Code injection	3 Mar 202222:15	–	prion
Cvelist	CVE-2022-23708	3 Mar 202221:48	–	cvelist
NVD	CVE-2022-23708	3 Mar 202222:15	–	nvd
OSV	UBUNTU-CVE-2022-23708	3 Mar 202222:15	–	osv
OSV	BIT-ELASTICSEARCH-2022-23708	6 Mar 202410:52	–	osv
OSV	GHSA-PGQ6-CCQJ-HPQR Elasticsearch privilege escalation	4 Mar 202200:00	–	osv
OSV	CVE-2022-23708	3 Mar 202222:15	–	osv
CVE	CVE-2022-23708	3 Mar 202222:15	–	cve
OpenVAS	Elastic Elasticsearch Privilege Escalation Vulnerability (ESA-2022-02)	4 Mar 202200:00	–	openvas

Vulners

Node

org.elasticsearch elasticsearchRange7.16.0–7.17.1

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-23708
discuss	www.discuss.elastic.co/t/elastic-stack-7-17-1-security-update/298447
security	www.security.netapp.com/advisory/ntap-20220729-0003/
github	www.github.com/advisories/GHSA-pgq6-ccqj-hpqr

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Mar 2022 00:00Current

4.9Medium risk

Vulners AI Score4.9

CVSS24

CVSS34.3

EPSS0.00422

CWE-269