8 matches found
SUSE CVE-2020-7019
In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should be hidden. This could result in an attack...
CVE-2020-7019 affecting package rubygem-elasticsearch 7.6.0-1
CVE-2020-7019 affecting package rubygem-elasticsearch 7.6.0-1. An upgraded version of the package is available that resolves this issue...
Security Bulletin: IBM Cloud Private is vulnerable to Elastic vulnerabilities (CVE-2020-7018,CVE-2020-7019 )
Summary IBM Cloud Private is vulnerable to Elastic vulnerabilities Vulnerability Details CVEID: CVE-2020-7018 DESCRIPTION: Elastic Enterprise Search could allow a remote authenticated attacker to obtain sensitive information, caused by a credential exposure flaw in the App Search interface. By...
Photon OS 3.0: Elasticsearch PHSA-2020-3.0-0135
An update of the elasticsearch package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0135. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid140410;...
CVE-2020-7019
In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should be hidden. This could result in an attack...
CVE-2020-7019
In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should be hidden. This could result in an attack...
CVE-2020-7019
In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should be hidden. This could result in an attack...
CVE-2020-7019
CVE-2020-7019 affects Elasticsearch versions prior to 7.9.0 and 6.8.12. A field disclosure flaw occurs when running a scrolling search with Field Level Security: if a user runs the same query another, more privileged user recently ran, the scrolling search can leak hidden fields, potentially gran...