Lucene search
+L

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-22137

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Elasticsearch versions before 7.11.2 and 6.8.15 a document disclosure flaw was found when Document or Field Level Security is used. Search queries do not...

5.3CVSS5.6AI score0.0111EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2022/05/24 7:2 p.m.4 views

com.heanbian.block:heanbian-elasticsearch (>=1.0.1 <=1.0.3), com.heanbian.boot:heanbian-spring-boot-starter (>=1.4.3 <=1.4.4) +28 more potentially affected by CVE-2021-22137 via org.elasticsearch:elasticsearch (>=7.11.0 <=7.11.1)

org.elasticsearch:elasticsearch MAVEN version =7.11.0, =1.0.1, =1.4.3, =1.0.0, =2.0.0, =3.0.0, =3.0.0, =3.0.0, =1.15.0, =7.11.0, =7.11.0, =7.11.0, =7.11.0, =7.11.1 - io.micronaut.elasticsearch:micronaut-elasticsearch =2.2.0 and more Source cves: CVE-2021-22137 Source advisory:...

5.3CVSS6AI score0.0111EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/27 7:24 p.m.31 views

Security Bulletin: IBM Security SOAR is using a version of Elasticsearch that has known vulnerabilities (CVE-2021-22137, CVE-2021-22135)

Summary IBM Security SOAR is using a version of Elasticsearch that has known vulnerabilities. A recent update has addressed these issues. Vulnerability Details CVEID: CVE-2021-22137 DESCRIPTION: Elasticsearch could allow a remote authenticated attacker to obtain sensitive information, caused by a...

5.3CVSS1.4AI score0.01162EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2021/05/13 6:15 p.m.27 views

CVE-2021-22137

In Elasticsearch versions before 7.11.2 and 6.8.15 a document disclosure flaw was found when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain cross-cluster search queries. This could result in the search disclosing the...

5.3CVSS6AI score0.0111EPSS
Exploits0References1
CVE
CVE
added 2021/05/13 5:35 p.m.146 views

CVE-2021-22137

CVE-2021-22137 affects Elasticsearch: in versions before 7.11.2 and 6.8.15, a document disclosure flaw occurs when Document or Field Level Security is used. Certain cross-cluster search queries do not properly preserve security permissions, potentially allowing an attacker to determine the existe...

5.3CVSS4.8AI score0.0111EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder