Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-22132

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store t...

4.8CVSS6.5AI score0.01241EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/11 8:10 p.m.31 views

Security Bulletin: Vulnerability affects IBM Observability with Instana

Summary Vulnerability detected in Elasticsearch before version 7.10.2 affects IBM Observability with Instana Vulnerability Details CVEID: CVE-2021-22132 DESCRIPTION: Elastic Elasticsearch could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the async...

4.8CVSS5.2AI score0.01241EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2021/02/01 3:13 p.m.34 views

CVE-2021-22132

Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...

4.8CVSS0.9AI score0.01241EPSS
Exploits0References4
OSV
OSV
added 2021/01/14 8:15 p.m.21 views

CVE-2021-22132

Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...

4.8CVSS5.9AI score
Exploits0References3
CVE
CVE
added 2021/01/14 7:20 p.m.235 views

CVE-2021-22132

Elasticsearch 7.7.0–7.10.1 exposes an information-disclosure flaw in the async search API: executed async searches cause HTTP headers to be stored, potentially allowing a user who can read the .tasks index to obtain other users’ sensitive request headers. The issue is fixed in Elasticsearch 7.10....

4.8CVSS4.7AI score0.01241EPSS
Exploits0References3Affected Software1
Elastic
Elastic
added 2021/01/14 6:9 p.m.8 views

Elasticsearch 7.10.2 Security Update

Elasticsearch authorization-header storage issue ESA-2021-01 An information disclosure flaw was found in the Elasticsearch async search API. Users who execute an async search will store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive reques...

4.8CVSS7AI score0.01241EPSS
Exploits0
Rows per page
Query Builder