Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2020/01/28 12:0 a.m.31 views

Photon OS 1.0: Elasticsearch PHSA-2019-1.0-0209

An update of the elasticsearch package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0209. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

6.5CVSS7AI score0.01456EPSS
Exploits0References2
CVE
CVE
added 2018/12/20 10:0 p.m.211 views

CVE-2018-17244

CVE-2018-17244 affects Elasticsearch Security versions 6.4.0–6.4.2 where request headers may be misapplied during concurrent authentication across AD/LDAP/Native/File realms, causing a run-as to impersonate another user and potentially access restricted information. The connected documents refere...

6.5CVSS6.2AI score0.01456EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2018/11/13 12:0 a.m.3922 views

Elasticsearch 6.4.0, 6.4.1, 6.4.2 Information Disclosure Vulnerability - Linux

Elasticsearch is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

6.5CVSS6.5AI score0.01456EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/11/07 12:0 a.m.101 views

Elasticsearch ESA-2018-16

Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; wh...

6.5CVSS6.9AI score0.01456EPSS
Exploits0References2
Rows per page
Query Builder