Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/09/05 9:54 p.m.57 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in elasticsearch-7.10.2.jar

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of elasticsearch-7.10.2.jar Vulnerability Details CVEID:CVE-2023-31418 DESCRIPTION: Elastic Elasticsearch is vulnerable to a denial of service, caused by uncontrolled resource consumption. By sending a moderate...

7.5CVSS6.8AI score0.60679EPSS
Exploits4Affected Software1
Circl
Circl
added 2023/10/26 10:16 p.m.5 views

CVE-2023-31417

creationtimestamp| type| source ---|---|--- 2023-10-26 22:16:05+00:00| seen| https://t.me/cibsecurity/72998...

4.4CVSS5AI score0.00228EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2023/10/26 6:30 p.m.5 views

ai.ylyue:yue-library-data-es (>=j11.2.6.0 <=j11.2.6.2), ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=5.3.0 <=5.7.9) +513 more potentially affected by CVE-2023-31417 via org.elasticsearch:elasticsearch (>=7.0.0 <=7.17.12)

org.elasticsearch:elasticsearch MAVEN version =7.0.0, =j11.2.6.0, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.6.5, =1.0, =1.0.4.R, =2.1.0.M8, =2.2.0.M7 and more Source cves: CVE-2023-31417 Source advisory: OSV:GHSA-99PC-69Q9-JXF2...

4.4CVSS5.8AI score0.00228EPSS
Exploits0
CVE
CVE
added 2023/10/26 5:47 p.m.134 views

CVE-2023-31417

CVE-2023-31417 affects Elasticsearch where the existing audit-filtering logic fails to mask sensitive data when clients use deprecated API URIs. The consequence is that passwords and tokens could be printed in cleartext in Elasticsearch audit logs. The description notes that audit logging is disa...

4.4CVSS5AI score0.00228EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2023/09/11 2:6 p.m.38 views

CVE-2023-31417

A flaw was found in the Elasticsearch package. Elasticsearch filters out sensitive information and credentials before logging into the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. As a result, sensitive informatio...

4.1CVSS6AI score0.00228EPSS
Exploits0References4
Rows per page
Query Builder