Linux Distros Unpatched Vulnerability : CVE-2020-7020

🗓️ 02 Sep 2025 00:00:00Reported by TenableType

Elasticsearch versions before 6.8.13 and 7.9.2 disclose documents when security is used; no patch.

Reporter	Title	Published	Views	Family All 38
IBM Security Bulletins	Security Bulletin: IBM Cloud Private is vulnerable to Elastic vulnerabilities (CVE-2020-7020 )	2 Sep 202121:00	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilitiy affects IBM Observability with Instana	11 Jan 202220:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities may affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) offline documentation	28 Sep 202107:03	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in Elasticsearch shipped with IBM Tivoli Netcool Impact	6 Jul 202205:31	–	ibm
CBLMariner	CVE-2020-7020 affecting package rubygem-elasticsearch 7.6.0-1	26 May 202219:04	–	cbl_mariner
Circl	CVE-2020-7020	28 Jan 202400:49	–	circl
CNVD	Elasticsearch Information Disclosure Vulnerability (CNVD-2020-60336)	25 Oct 202000:00	–	cnvd
CVE	CVE-2020-7020	22 Oct 202016:30	–	cve
Cvelist	CVE-2020-7020	22 Oct 202016:30	–	cvelist
Elastic	Elastic Stack 7.9.3 and 6.8.13 Security Update	22 Oct 202015:34	–	elastic

Source	Link
ubuntu	www.ubuntu.com/security/CVE-2020-7020
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(260331);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/09/02");

  script_cve_id("CVE-2020-7020");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2020-7020");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field
    Level Security is used. Search queries do not properly preserve security permissions when executing
    certain complex queries. This could result in the search disclosing the existence of documents the
    attacker should not be able to view. This could result in an attacker gaining additional insight into
    potentially sensitive indices. (CVE-2020-7020)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2020-7020");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-7020");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/10/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/09/02");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:elasticsearch");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Ubuntu Linux-16.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "elasticsearch"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

02 Sep 2025 00:00Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.13.1

CVSS 23.5

EPSS0.00077