8 matches found
Photon OS 2.0: Elasticsearch PHSA-2018-2.0-0116
An update of the elasticsearch package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0116. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
com.automattic:elasticsearch-statsd (>=5.6.0.0 <=5.6.1.0), com.avides.springboot.testcontainer:springboot-testcontainer-elasticsearch (>=0.1.0-RC6 <=0.1.0-RC7) +148 more potentially affected by CVE-2018-3831 via org.elasticsearch:elasticsearch (>=5.6.0 <=5.6.11)
org.elasticsearch:elasticsearch MAVEN version =5.6.0, =5.6.0.0, =0.1.0-RC6, =5.6.0-16, =5.6.0-23, =0.1, =1.8.1, =1.9, =1.23 - com.ubirch.avatar:aws2.11 =0.4.2 - com.ubirch.avatar:util2.11 =0.4.2 and more Source cves: CVE-2018-3831 Source advisory: OSV:GHSA-R9FV-QPM9-RJ4G...
cc.akkaha:asura-core_2.12 (>=0.1.0 <=0.3.0), ch.squaredesk.nova:metrics-elastic (>=4.0.0-beta-1 <=7.0.2) +324 more potentially affected by CVE-2018-3831 via org.elasticsearch:elasticsearch (>=6.0.0 <=6.4.0)
org.elasticsearch:elasticsearch MAVEN version =6.0.0, =0.1.0, =4.0.0-beta-1, =6.0.0, =6.1.1.0, =0.1.0-RC9, =5.0.3.9.6, =0.0.4, =0.1.1808, =1.0, =1.2 and more Source cves: CVE-2018-3831 Source advisory: OSV:GHSA-R9FV-QPM9-RJ4G...
Important: Red Hat Security Advisory: Red Hat Fuse 7.7.0 release and security update
A minor version update from 7.6 to 7.7 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...
Photon OS 1.0: Elasticsearch PHSA-2019-1.0-0205
An update of the elasticsearch package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0205. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Elastic Elasticsearch 'CVE-2018-3831' Information Disclosure Vulnerability - Linux
Elasticsearch is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Elastic Elasticsearch 'CVE-2018-3831' Information Disclosure Vulnerability - Windows
Elasticsearch is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
CVE-2018-3831
Elasticsearch CVE-2018-3831 affects Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12. The root cause is information disclosure via the _cluster/settings API: when queried, it can leak sensitive configuration data (passwords, tokens, usernames) to an authenticated user.reme...