4 matches found
Photon OS 1.0: Elasticsearch PHSA-2019-1.0-0209
An update of the elasticsearch package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0209. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2018-17244
CVE-2018-17244 affects Elasticsearch Security versions 6.4.0–6.4.2 where request headers may be misapplied during concurrent authentication across AD/LDAP/Native/File realms, causing a run-as to impersonate another user and potentially access restricted information. The connected documents refere...
Elasticsearch 6.4.0, 6.4.1, 6.4.2 Information Disclosure Vulnerability - Linux
Elasticsearch is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Elasticsearch ESA-2018-16
Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; wh...