3 matches found
Insertion Of Sensitive Information Into Log File
org.elasticsearch:elasticsearch is vulnerable to Insertion of Sensitive Information into Log File. The vulnerability is due to improper handling of request auditing for the reindex API, which allows an attacker to expose sensitive data if specific logging conditions are met...
The vulnerability of the Elastic Search component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to protected data or to modify, add, or delete protected data.
The vulnerability of the Elastic Search component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected data or to modify, add, or...
CVE-2020-2687
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Elastic Search. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...