1259 matches found

OSV (added 2021/09/15 12:15 p.m.)

CVE-2021-22148

Elastic Enterprise Search App Search versions before 7.14.0 were vulnerable to an issue where API keys were not bound to the same engines as their creator. This could lead to a less privileged user gaining access to unauthorized engines...

CVSS 8.8 | AI score 5.8 | EPSS 0.0024 | Exploits 0 | References 2

NVD (added 2021/09/15 12:15 p.m.)

CVE-2021-22148

Elastic Enterprise Search App Search versions before 7.14.0 were vulnerable to an issue where API keys were not bound to the same engines as their creator. This could lead to a less privileged user gaining access to unauthorized engines...

CVSS 8.8 | EPSS 0.0024 | Exploits 0 | References 2

Prion (added 2021/09/15 12:15 p.m.)

Authorization

Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API keys were missing authorization via an alternate route. Using this vulnerability, an authenticated attacker could utilize API keys belonging to higher privileged users...

CVSS 6.5 | AI score 8.4 | EPSS 0.00275 | Exploits 0 | References 2 | Affected software 1

Prion (added 2021/09/15 12:15 p.m.)

Design/Logic Flaw

Elastic Enterprise Search App Search versions before 7.14.0 were vulnerable to an issue where API keys were not bound to the same engines as their creator. This could lead to a less privileged user gaining access to unauthorized engines...

CVSS 6.5 | AI score 8.4 | EPSS 0.0024 | Exploits 0 | References 2 | Affected software 1

Cvelist (added 2021/09/15 11:49 a.m.)

CVE-2021-22148

Elastic Enterprise Search App Search versions before 7.14.0 were vulnerable to an issue where API keys were not bound to the same engines as their creator. This could lead to a less privileged user gaining access to unauthorized engines...

AI score 8.6 | EPSS 0.0024 | Exploits 0 | References 2

CVE (added 2021/09/15 11:49 a.m.)

CVE-2021-22148

Elastic Enterprise Search App Search prior to 7.14.0 is vulnerable due to API keys not being bound to the same engines as their creator, enabling a less-privileged user to access engines they should not reach. Red Hat and CVE mappings corroborate the issue. Affected product: Elastic Enterprise Se...

CVSS 8.8 | AI score 8.3 | EPSS 0.0024 | Exploits 0 | References 2 | Affected software 1

Cvelist (added 2021/09/15 11:44 a.m.)

CVE-2021-22149

Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API keys were missing authorization via an alternate route. Using this vulnerability, an authenticated attacker could utilize API keys belonging to higher privileged users...

AI score 8.7 | EPSS 0.00275 | Exploits 0 | References 2

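The CVE-2021-22148 entries above all describe the same design flaw: an API key carried its own engine list, but that list was never checked against the engines its creator was actually authorized for. The following is an added illustration of that flaw beside a hardened form; it is not Elastic's code, and the accounts, engine names and key ids in it are constructed for the example.

```python
"""Model of the authorization gap described for CVE-2021-22148.

Added illustration, not Elastic's code: an API key that names engines is only
safe if the engines are bounded by what its creator may reach, both when the
key is minted and when it is used. Users, engines and key ids are constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    name: str
    engines: frozenset  # engines this account is authorized to use


@dataclass(frozen=True)
class ApiKey:
    key_id: str
    creator: str        # account that minted the key
    engines: frozenset  # engines the key claims access to


# Constructed accounts: an admin who sees every engine and a contributor
# who is only allowed into the "orders" engine.
USERS = {
    "admin": User("admin", frozenset({"orders", "customers", "hr"})),
    "contrib": User("contrib", frozenset({"orders"})),
}


def create_key_vulnerable(keys, user, key_id, engines):
    """Flawed behaviour: the requested engine list is stored as-is, so a
    contributor can mint a key naming engines they cannot reach themselves."""
    keys[key_id] = ApiKey(key_id, user.name, frozenset(engines))
    return keys[key_id]


def authorize_vulnerable(keys, key_id, engine):
    """Flawed check: trusts the engine list carried by the key alone."""
    key = keys.get(key_id)
    return key is not None and engine in key.engines


def create_key_fixed(keys, user, key_id, engines):
    """Hardened: a key may only name engines its creator is authorized for."""
    requested = frozenset(engines)
    if not requested <= user.engines:
        raise PermissionError(
            f"{user.name} cannot mint a key for {sorted(requested - user.engines)}")
    keys[key_id] = ApiKey(key_id, user.name, requested)
    return keys[key_id]


def authorize_fixed(keys, users, key_id, engine):
    """Hardened check: the engine must be in the key's scope AND still be
    reachable by the creator, so demoting or deleting the creator also
    neutralizes every key they minted (fail closed on a missing creator)."""
    key = keys.get(key_id)
    if key is None:
        return False
    creator = users.get(key.creator)
    if creator is None:
        return False
    return engine in key.engines and engine in creator.engines


def demo():
    """Returns (escalation succeeded under the flawed code,
    key minting refused under the fixed code) for a contributor who asks
    for a key scoped to the "hr" engine."""
    contrib = USERS["contrib"]
    vuln_keys, fixed_keys = {}, {}
    create_key_vulnerable(vuln_keys, contrib, "k-1", {"hr"})
    escalated = authorize_vulnerable(vuln_keys, "k-1", "hr")  # True: the flaw
    try:
        create_key_fixed(fixed_keys, contrib, "k-2", {"hr"})
        refused = False
    except PermissionError:
        refused = True
    return escalated, refused


def revocation_follows_creator():
    """Shows that a correctly minted key dies once its creator loses the
    engine, because authorize_fixed re-checks the creator at use time."""
    keys = {}
    create_key_fixed(keys, USERS["contrib"], "k-3", {"orders"})
    before = authorize_fixed(keys, USERS, "k-3", "orders")
    demoted = dict(USERS, contrib=User("contrib", frozenset()))
    after = authorize_fixed(keys, demoted, "k-3", "orders")
    return before, after


if __name__ == "__main__":
    print(demo())                       # (True, True)
    print(revocation_follows_creator())  # (True, False)
```

The use-time re-check in authorize_fixed is the part worth copying: validating scope only at creation leaves a window in which a key outlives the privileges of the account that minted it.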
Tenable Nessus (added 2021/09/14 12:00 a.m.)

EulerOS 2.0 SP2 : junit (EulerOS-SA-2021-2391)

According to the version of the junit package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like...

CVSS 5.5 | AI score 6.6 | EPSS 0.00056 | Exploits 1 | References 2

OSV (added 2021/09/03 3:15 p.m.)

CVE-2021-39192

Ghost is a Node.js content management system. An error in the implementation of the limits service between versions 4.0.0 and 4.9.4 allows all authenticated users including contributors to view admin-level API keys via the integrations API endpoint, leading to a privilege escalation vulnerability...

CVSS 7.2 | AI score 6.8 | Exploits 0 | References 2

NVD (added 2021/09/03 3:15 p.m.)

CVE-2021-39192

Ghost is a Node.js content management system. An error in the implementation of the limits service between versions 4.0.0 and 4.9.4 allows all authenticated users including contributors to view admin-level API keys via the integrations API endpoint, leading to a privilege escalation vulnerability...

CVSS 7.2 | EPSS 0.00531 | Exploits 1 | References 2

Prion (added 2021/09/03 3:15 p.m.)

Privilege escalation

Ghost is a Node.js content management system. An error in the implementation of the limits service between versions 4.0.0 and 4.9.4 allows all authenticated users including contributors to view admin-level API keys via the integrations API endpoint, leading to a privilege escalation vulnerability...

CVSS 6.5 | AI score 6.9 | EPSS 0.00531 | Exploits 1 | References 2 | Affected software 1

CVE (added 2021/09/03 2:50 p.m.)

CVE-2021-39192

Ghost CMS contains a privilege-escalation flaw in the limits service from versions 4.0.0–4.9.4 that lets all authenticated users (including contributors) view admin-level API keys via the Integrations API endpoint. The issue is fixed in Ghost 4.10.0. As a workaround, disable all non-Administrator...

CVSS 7.2 | AI score 6.6 | EPSS 0.00531 | Exploits 1 | References 2 | Affected software 1

Cvelist (added 2021/09/03 2:50 p.m.)

CVE-2021-39192 Privilege escalation: all users can access Admin-level API keys

Ghost is a Node.js content management system. An error in the implementation of the limits service between versions 4.0.0 and 4.9.4 allows all authenticated users including contributors to view admin-level API keys via the integrations API endpoint, leading to a privilege escalation vulnerability...

CVSS 6.5 | AI score 7.2 | EPSS 0.00531 | Exploits 1 | References 2

Kitploit (added 2021/08/31 12:30 p.m.)

Keyhacks - A Repository Which Shows Quick Ways In Which API Keys Leaked By A Bug Bounty Program Can Be Checked To See If They're Valid

KeyHacks shows ways in which particular API keys found on a Bug Bounty Program can be used, to check if they are valid. @Gwen001 has scripted the entire process available here and it can be found here Table of Contents ABTasty API Key Algolia API key Amplitude API Keys Asana Access token AWS Acce...

AI score 7.2 | Exploits 0 | References 76

The Hacker News (added 2021/08/23 1:48 p.m.)

Researchers Detail Modus Operandi of ShinyHunters Cyber Crime Group

ShinyHunters, a notorious cybercriminal underground group that's been on a data breach spree since last year, has been observed searching companies' GitHub repository source code for vulnerabilities that can be abused to stage larger scale attacks, an analysis of the hackers' modus operandi has...

AI score 0.3 | Exploits 0

Kitploit (added 2021/08/09 12:30 p.m.)

Sigurlfind3R - A Reconnaissance Tool, It Fetches URLs From AlienVault's OTX, Common Crawl, URLScan, Github And The Wayback Machine

sigurlfind3r is a passive reconnaissance tool; it fetches known URLs from AlienVault's OTX, Common Crawl, URLScan, Github and the Wayback Machine. DISCLAIMER: fetching URLs from Github is a bit slow. Usage: sigurlfind3r -h will display help for the tool...

AI score 7.1 | Exploits 0 | References 6

Elastic (added 2021/08/03 3:44 p.m.)

Elastic Stack 7.14.0 Security Update

Elasticsearch Document/Field Level Security issue ESA-2021-18 A flaw was discovered in Elasticsearch where document and field level security was not applied to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view. Affected...

CVSS 8.8 | AI score 6.3 | EPSS 0.00314 | Exploits 0

Positive Technologies (added 2021/08/03 12:00 a.m.)

PT-2021-4651 · Elastic · Enterprise Search App Search

Name of the Vulnerable Software and Affected Versions: Elastic Enterprise Search App Search versions prior to 7.14.0 Description: The issue is related to missing authorization for API keys via an alternate route. An authenticated attacker could exploit this to utilize API keys belonging to higher...

CVSS 9 | AI score 8.4 | EPSS 0.00275 | Exploits 0 | References 5

Hacker One (added 2021/07/29 5:26 p.m.)

Stripo Inc: Insecure Storage and Overly Permissive API Keys

Summary: I am surfing on the stripo.email website. I found sensitive data including an authentication key/secret token written in a publicly accessible subdomain. We found an aviaryApiKey and other secret key exposed in staging.empleio.stripo.email. Risk Factors: Most often Developers for their ease of...

AI score 6.9 | Exploits 0

OSV (added 2021/07/26 5:15 p.m.)

CVE-2021-32790

Woocommerce is an open source eCommerce plugin for WordPress. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce plugin between version 3.3.0 and 3.3.6. Malicious actors already having admin access, or API keys to the WooCommerce site can exploit vulnerable...

CVSS 4.9 | AI score 7.4 | Exploits 0 | References 2
