Lucene search
Redhat.comRH:CVE-2020-7009HistoryApr 09, 2020 - 10:33 a.m.
CVE-2020-7009
2020-04-0910:33:18
redhat.com
access.redhat.com
9
0.003 Low
EPSS
Percentile
69.1%
Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges.
Related
prion
prion
Privilege escalation
2020-03-31 19:15:00
Authentication flaw
2020-06-03 18:15:00
cvelist
cvelist
CVE-2020-7009
2020-03-31 19:05:13
CVE-2020-7014
2020-06-03 17:55:44
ubuntucve
ubuntucve
CVE-2020-7009
2020-03-31 00:00:00
CVE-2020-7014
2020-06-03 00:00:00
osv
osv
BIT-elasticsearch-2020-7009
2024-03-06 10:54:57
CVE-2020-7009
2020-03-31 19:15:14
Improper Privilege Management in Elasticsearch
2022-05-24 17:13:01
nvd
nvd
CVE-2020-7009
2020-03-31 19:15:14
CVE-2020-7014
2020-06-03 18:15:23
ibm
ibm
cbl_mariner
cbl_mariner
CVE-2020-7009 affecting package rubygem-elasticsearch 7.6.0-1
2022-05-26 19:04:38
github
github
Improper Privilege Management in Elasticsearch
2022-05-24 17:13:01
Privilege Escalation Flaw in Elasticsearch
2021-03-18 19:27:20
cve
cve
CVE-2020-7009
2020-03-31 19:15:14
CVE-2020-7014
2020-06-03 18:15:23
checkpoint_advisories
checkpoint_advisories
Elasticsearch Privilege Escalation (CVE-2020-7009)
2020-07-28 00:00:00
openvas
openvas
Elastic Elasticsearch Privilege Escalation Vulnerability (ESA-2020-02)
2021-01-25 00:00:00
Elastic Elasticsearch Privilege Escalation Vulnerability (ESA-2020-07)
2021-01-25 00:00:00
redhatcve
redhatcve
CVE-2020-7014
2020-06-19 15:55:53
oracle
oracle
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00