8 matches found
Strimzi 安全漏洞
Strimzi is an open-source program developed by Strimzi that allows for the operation of Apache Kafka clusters on Kubernetes with various deployment configurations. Versions of Strimzi from 0.47.0 to 0.50.1 contained security vulnerabilities. These vulnerabilities stemmed from reliance on all...
Kibana 7.17.8 and 8.5.0 Security Update
Update Log 2022-12-23 : Updated impact section with additional details. 2023-01-09 : Updated impact section to include RHEL 2023-01-23 : Updated impact section with additional details. Updated Solutions and Mitigations section with new mitigation option. Updated Affected Versions section. Kibana...
GHSA-VFP4-XX6M-7VF6 Cryptographic Issues in ECK
Elastic Cloud on Kubernetes ECK versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more easily brute force the Elasticsearch credentials generated by ECK...
Moderate: Red Hat Security Advisory: Release of components for Service Telemetry Framework 1.3.3 - Container Images
Release of components for the Service Telemetry Framework Service Telemetry Framework STF provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat...
UBUNTU-CVE-2020-7010
Elastic Cloud on Kubernetes ECK versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more easily brute force the Elasticsearch credentials generated by ECK...
CVE-2020-7010
Elastic Cloud on Kubernetes ECK versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more easily brute force the Elasticsearch credentials generated by ECK...
CVE-2020-7010
CVE-2020-7010 affects Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0. The issue is a weak random number generator used to generate Elasticsearch credentials, which can enable easier brute-forcing if an attacker can determine when the cluster was deployed. Affected text from connected s...
Elastic Cloud on Kubernetes 1.1.0 security update
Elastic Cloud on Kubernetes insecure password generation ESA-2020-03 Elastic Cloud on Kubernetes ECK versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more...