CVE-2025-37729

Improper neutralization of special elements used in a template engine in Elastic Cloud Enterprise ECE can lead to a malicious actor with Admin access exfiltrating sensitive information and issuing commands via a specially crafted string where Jinjava variables are evaluated...

CVE-2025-37729 Elastic Cloud Enterprise (ECE) Improper Neutralization of Special Elements Used in a Template Engine

Improper neutralization of special elements used in a template engine in Elastic Cloud Enterprise ECE can lead to a malicious actor with Admin access exfiltrating sensitive information and issuing commands via a specially crafted string where Jinjava variables are evaluated...

CVE-2025-37729 Elastic Cloud Enterprise (ECE) Improper Neutralization of Special Elements Used in a Template Engine

Improper neutralization of special elements used in a template engine in Elastic Cloud Enterprise ECE can lead to a malicious actor with Admin access exfiltrating sensitive information and issuing commands via a specially crafted string where Jinjava variables are evaluated...

PT-2025-41785

Name of the Vulnerable Software and Affected Versions Elastic Cloud Enterprise versions 2.5.0 through 3.8.1 Elastic Cloud Enterprise version 4.0.0 through 4.0.1 Description An issue exists in Elastic Cloud Enterprise ECE related to the improper handling of special elements within its template...