Lucene search
K

7 matches found

CBLMariner
CBLMariner
added 2022/05/26 7:4 p.m.33 views

CVE-2020-7014 affecting package rubygem-elasticsearch 7.6.0-1

CVE-2020-7014 affecting package rubygem-elasticsearch 7.6.0-1. An upgraded version of the package is available that resolves this issue...

8.8CVSS7.4AI score0.01543EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/11 8:10 p.m.32 views

Security Bulletin: Multiple vulnerabilities affect IBM Observability with Instana

Summary Vulnerabilities detected in Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.2 affects IBM Observability with Instana Vulnerability Details CVEID: CVE-2019-7619 DESCRIPTION: Elastic Elasticsearch could allow a remote attacker to obtain sensitive information, caused by a flaw in...

8.8CVSS7AI score0.02429EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2021/03/18 7:27 p.m.3 views

ai.ylyue:yue-library-data-es (>=j8.2.2.0 <=j11.2.6.2), br.com.simpli:simpli-ws (>=1.2.1 <=2.2.0) +843 more potentially affected by CVE-2020-7014 via org.elasticsearch:elasticsearch (>=7.0.0 <=7.6.1)

org.elasticsearch:elasticsearch MAVEN version =7.0.0, =j8.2.2.0, =1.2.1, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =6.2.0, =6.8.0, =6.4.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =6.10.5 and more Source cves: CVE-2020-7014 Source advisory: OSV:GHSA-HQQV-9X3V-MP7W...

8.8CVSS6.7AI score0.01543EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/18 3:33 p.m.46 views

Security Bulletin: Multiple vulnerabilities in middleware software affect IBM Cloud Pak for Automation

Summary The vulnerabilities are related to the WebSphere Liberty server, to Node.js runtime and modules and to other open source packages. Vulnerability Details CVEID: CVE-2019-7619 DESCRIPTION: Elastic Elasticsearch could allow a remote attacker to obtain sensitive information, caused by a flaw ...

8.8CVSS0.8AI score0.08794EPSS
Exploits2Affected Software1
Check Point Advisories
Check Point Advisories
added 2020/08/17 12:0 a.m.3 views

Elasticsearch Privilege Escalation (CVE-2020-7014)

A privilege escalation vulnerability exists in Elasticsearch. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges...

6.5CVSS3.3AI score0.01543EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2020/06/19 3:55 p.m.31 views

CVE-2020-7014

The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication...

6.5CVSS8.5AI score0.016EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/06/18 12:0 a.m.28 views

Photon OS 1.0: Elasticsearch PHSA-2020-1.0-0301

An update of the elasticsearch package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0301. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

8.8CVSS6.3AI score0.01543EPSS
Exploits0References3
Rows per page
Query Builder