Lucene search
K

8 matches found

CNNVD
CNNVD
added 2026/02/20 12:0 a.m.10 views

Strimzi 安全漏洞

Strimzi is an open-source program developed by Strimzi that allows for the operation of Apache Kafka clusters on Kubernetes with various deployment configurations. Versions of Strimzi from 0.47.0 to 0.50.1 contained security vulnerabilities. These vulnerabilities stemmed from reliance on all...

5.9CVSS5.8AI score0.00184EPSS
Exploits0References2
Elastic
Elastic
added 2022/12/09 7:18 p.m.7 views

Kibana 7.17.8 and 8.5.0 Security Update

Update Log 2022-12-23 : Updated impact section with additional details. 2023-01-09 : Updated impact section to include RHEL 2023-01-23 : Updated impact section with additional details. Updated Solutions and Mitigations section with new mitigation option. Updated Affected Versions section. Kibana...

8.8CVSS8.8AI score0.1372EPSS
Exploits2
OSV
OSV
added 2022/02/15 1:57 a.m.24 views

GHSA-VFP4-XX6M-7VF6 Cryptographic Issues in ECK

Elastic Cloud on Kubernetes ECK versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more easily brute force the Elasticsearch credentials generated by ECK...

7.5CVSS7.3AI score0.01439EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/11/10 11:52 a.m.68 views

Moderate: Red Hat Security Advisory: Release of components for Service Telemetry Framework 1.3.3 - Container Images

Release of components for the Service Telemetry Framework Service Telemetry Framework STF provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat...

6.5CVSS6.7AI score0.06975EPSS
Exploits1References5
OSV
OSV
added 2020/06/03 6:15 p.m.2 views

UBUNTU-CVE-2020-7010

Elastic Cloud on Kubernetes ECK versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more easily brute force the Elasticsearch credentials generated by ECK...

7.5CVSS7AI score0.01439EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/06/03 6:15 p.m.25 views

CVE-2020-7010

Elastic Cloud on Kubernetes ECK versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more easily brute force the Elasticsearch credentials generated by ECK...

7.5CVSS7.1AI score0.01439EPSS
Exploits0References2
CVE
CVE
added 2020/06/03 5:55 p.m.69 views

CVE-2020-7010

CVE-2020-7010 affects Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0. The issue is a weak random number generator used to generate Elasticsearch credentials, which can enable easier brute-forcing if an attacker can determine when the cluster was deployed. Affected text from connected s...

7.5CVSS7.3AI score0.01439EPSS
Exploits0References1Affected Software1
Elastic
Elastic
added 2020/04/28 5:23 p.m.9 views

Elastic Cloud on Kubernetes 1.1.0 security update

Elastic Cloud on Kubernetes insecure password generation ESA-2020-03 Elastic Cloud on Kubernetes ECK versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more...

7.5CVSS7.1AI score0.01439EPSS
Exploits0
Rows per page
Query Builder