44 matches found
CVE-2019-7619
Elasticsearch versions 7.0.0-7.3.2 and 6.7.0-6.8.3 contain a username disclosure flaw was found in the API Key service. An unauthenticated attacker could send a specially crafted request and determine if a username exists in the Elasticsearch native realm...
Design/Logic Flaw
Elasticsearch versions 7.0.0-7.3.2 and 6.7.0-6.8.3 contain a username disclosure flaw was found in the API Key service. An unauthenticated attacker could send a specially crafted request and determine if a username exists in the Elasticsearch native realm...
CVE-2019-7619
CVE-2019-7619 affects Elasticsearch versions 7.0.0–7.3.2 and 6.7.0–6.8.3, where an unauthenticated attacker could use the API Key service to determine if a username exists in the native realm due to a username-disclosure flaw. The connected documents corroborate a username disclosure vulnerabilit...
Amazon Promises Fix to Stop Key Service Hack
Researchers at Rhino Security Labs identified a flaw in Amazon’s Key delivery service and Cloud Cam security camera that allows a rogue courier to tamper with the camera and knock it offline, making it appear no one is entering home, when that’s not the case. Amazon Key service allows homeowners ...