5 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-22137
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Elasticsearch versions before 7.11.2 and 6.8.15 a document disclosure flaw was found when Document or Field Level Security is used. Search queries do not...
com.heanbian.block:heanbian-elasticsearch (>=1.0.1 <=1.0.3), com.heanbian.boot:heanbian-spring-boot-starter (>=1.4.3 <=1.4.4) +28 more potentially affected by CVE-2021-22137 via org.elasticsearch:elasticsearch (>=7.11.0 <=7.11.1)
org.elasticsearch:elasticsearch MAVEN version =7.11.0, =1.0.1, =1.4.3, =1.0.0, =2.0.0, =3.0.0, =3.0.0, =3.0.0, =1.15.0, =7.11.0, =7.11.0, =7.11.0, =7.11.0, =7.11.1 - io.micronaut.elasticsearch:micronaut-elasticsearch =2.2.0 and more Source cves: CVE-2021-22137 Source advisory:...
Security Bulletin: IBM Security SOAR is using a version of Elasticsearch that has known vulnerabilities (CVE-2021-22137, CVE-2021-22135)
Summary IBM Security SOAR is using a version of Elasticsearch that has known vulnerabilities. A recent update has addressed these issues. Vulnerability Details CVEID: CVE-2021-22137 DESCRIPTION: Elasticsearch could allow a remote authenticated attacker to obtain sensitive information, caused by a...
CVE-2021-22137
In Elasticsearch versions before 7.11.2 and 6.8.15 a document disclosure flaw was found when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain cross-cluster search queries. This could result in the search disclosing the...
CVE-2021-22137
CVE-2021-22137 affects Elasticsearch: in versions before 7.11.2 and 6.8.15, a document disclosure flaw occurs when Document or Field Level Security is used. Certain cross-cluster search queries do not properly preserve security permissions, potentially allowing an attacker to determine the existe...