7 matches found
CVE-2020-7014 affecting package rubygem-elasticsearch 7.6.0-1
CVE-2020-7014 affecting package rubygem-elasticsearch 7.6.0-1. An upgraded version of the package is available that resolves this issue...
Security Bulletin: Multiple vulnerabilities affect IBM Observability with Instana
Summary Vulnerabilities detected in Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.2 affects IBM Observability with Instana Vulnerability Details CVEID: CVE-2019-7619 DESCRIPTION: Elastic Elasticsearch could allow a remote attacker to obtain sensitive information, caused by a flaw in...
ai.ylyue:yue-library-data-es (>=j8.2.2.0 <=j11.2.6.2), br.com.simpli:simpli-ws (>=1.2.1 <=2.2.0) +843 more potentially affected by CVE-2020-7014 via org.elasticsearch:elasticsearch (>=7.0.0 <=7.6.1)
org.elasticsearch:elasticsearch MAVEN version =7.0.0, =j8.2.2.0, =1.2.1, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =6.2.0, =6.8.0, =6.4.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =6.10.5 and more Source cves: CVE-2020-7014 Source advisory: OSV:GHSA-HQQV-9X3V-MP7W...
Security Bulletin: Multiple vulnerabilities in middleware software affect IBM Cloud Pak for Automation
Summary The vulnerabilities are related to the WebSphere Liberty server, to Node.js runtime and modules and to other open source packages. Vulnerability Details CVEID: CVE-2019-7619 DESCRIPTION: Elastic Elasticsearch could allow a remote attacker to obtain sensitive information, caused by a flaw ...
Elasticsearch Privilege Escalation (CVE-2020-7014)
A privilege escalation vulnerability exists in Elasticsearch. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges...
CVE-2020-7014
The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication...
Photon OS 1.0: Elasticsearch PHSA-2020-1.0-0301
An update of the elasticsearch package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0301. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...