11 matches found
BIT-ELASTICSEARCH-2021-22132
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...
SUSE CVE-2021-22132
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...
elasticsearch: executing async search improperly stores HTTP headers leading to information disclosure
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...
CVE-2021-22132
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...
Elasticsearch Information Disclosure Vulnerability (CNVD-2021-03548)
Elasticsearch is a search engine based on the Lucene library. An information disclosure vulnerability exists in the asynchronous search API in Elasticsearch 7.7.0 - 7.10.1. The vulnerability stems from the fact that users performing asynchronous searches will incorrectly store HTTP headers. An...
CVE-2021-22132
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...
CVE-2021-22132
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...
Information disclosure
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...
UBUNTU-CVE-2021-22132
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...
PT-2021-14860 · Elastic · Elasticsearch
Name of the Vulnerable Software and Affected Versions: Elasticsearch versions 7.7.0 through 7.10.1 Description: The issue is an information disclosure flaw in the async search API. When an async search is executed, HTTP headers are improperly stored. An Elasticsearch user with read access to the...
Elastic 资源管理错误漏洞
Elasticsearch is a search engine based on the Lucene library. An information disclosure vulnerability exists in the asynchronous search API in Elasticsearch 7.7.0 - 7.10.1. The vulnerability stems from the fact that users performing asynchronous searches will incorrectly store HTTP headers. An...