CVE-2021-22132

🗓️ 14 Jan 2021 20:13:15Reported by [email protected]Type

Elasticsearch information disclosure flaw in async search AP

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 17
Github Security Blog	Insufficiently Protected Credentials in Elasticsearch	18 Mar 202119:27	–	github
OSV	UBUNTU-CVE-2021-22132	14 Jan 202120:15	–	osv
OSV	BIT-ELASTICSEARCH-2021-22132	6 Mar 202410:54	–	osv
OSV	CVE-2021-22132	14 Jan 202120:15	–	osv
OSV	GHSA-5FVX-2JJ3-6MFF Insufficiently Protected Credentials in Elasticsearch	18 Mar 202119:27	–	osv
RedhatCVE	CVE-2021-22132	1 Feb 202115:13	–	redhatcve
Veracode	Information Disclosure	19 Mar 202105:35	–	veracode
CVE	CVE-2021-22132	14 Jan 202120:15	–	cve
Cvelist	CVE-2021-22132	14 Jan 202119:20	–	cvelist
OpenVAS	Elastic Elasticsearch Information Disclosure Vulnerability (ESA-2021-01)	25 Jan 202100:00	–	openvas

Nvd

Node

elastic elasticsearchRange7.7.0–7.10.2

Node

oracle communications_cloud_native_core_automated_test_suiteMatch1.8.0

Source	Link
discuss	www.discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164
security	www.security.netapp.com/advisory/ntap-20210219-0004/
oracle	www.oracle.com/security-alerts/cpuapr2022.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Jan 2021 20:15Current

4.7Medium risk

Vulners AI Score4.7

CVSS22.1

CVSS34.8

EPSS0.01281

CWE-522