Lucene search
K
ElasticMost viewed

248 matches found

Elastic
Elastic
added 2018/06/13 6:23 p.m.12 views

Elastic Stack 6.3.0 and 5.6.10 Security Update

Elasticsearch Information Exposure Vulnerability ESA-2018-10 In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the snapshot API. When the accesskey and securitykey parameters are set using the snapshot API they can be exposed as plain text by users able to query the...

8.1CVSS6.4AI score0.01014EPSS
Exploits0
Elastic
Elastic
added 2026/07/01 1:50 p.m.11 views

Elasticsearch 8.19.17, 9.3.6, 9.4.3 Security Update (ESA-2026-42)

Uncontrolled Recursion in Elasticsearch Leading to Denial of Service Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the...

6.5CVSS5.7AI score0.00309EPSS
Exploits0
Elastic
Elastic
added 2026/05/28 7:24 p.m.11 views

8.19.16, 9.3.5 Security Update (ESA-2026-33)

Operation on a Resource after Expiration or Termination in Kibana Leading to Unauthorized File Access Operation on a Resource after Expiration or Termination CWE-672 in Kibana can lead to unauthorized information disclosure. A logic error in how expiration timestamps were validated allowed a...

5.3CVSS5.7AI score0.00238EPSS
Exploits0
Elastic
Elastic
added 2026/03/30 2:17 p.m.11 views

Elastic OTel Java 1.10.0 Security Update (ESA-2026-22 / GHSA-xw7x-h9fj-p2c7)

Dependency on Vulnerable Third-Party Component in Elastic OTel Java Leading to Remote Code Execution Dependency on Vulnerable Third-Party Component CWE-1395 exists in Elastic OTel Java via a dependency on OpenTelemetry Java instrumentation library. This vulnerability could allow an attacker to...

9.8CVSS6.5AI score0.00933EPSS
Exploits1
Elastic
Elastic
added 2026/03/19 4:59 p.m.11 views

Elasticsearch 8.19.8, 9.1.8 Security Update (ESA-2026-18)

Deserialization of Untrusted Data in Elasticsearch Leading to Remote Code Execution Dependency on Vulnerable Third-Party Component CWE-1395 exists in PyTorch used by the machine learning model loading component in Elasticsearch that can allow an attacker to achieve remote code execution via Objec...

9.8CVSS8AI score0.01917EPSS
Exploits1
Elastic
Elastic
added 2026/01/13 8:47 p.m.11 views

Kibana 8.19.10, 9.1.10, 9.2.4 Security Update (ESA-2026-08)

Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation ESA-2026-08 Improper Input Validation CWE-20 in Kibana's Email Connector can allow an attacker to cause an Excessive Allocation CAPEC-130 through a specially crafted email address parameter. This requires an...

6.5CVSS6.9AI score0.0037EPSS
Exploits0
Elastic
Elastic
added 2025/12/18 9:28 p.m.11 views

Kibana 8.19.7, 9.1.7, and 9.2.1 Security Update (ESA-2025-39)

Kibana Improper Authorization ESA-2025-39 Improper Authorization CWE-285 in Kibana can lead to privilege escalation CAPEC-233 by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the 'live queries - read'...

4.3CVSS6.9AI score0.00197EPSS
Exploits0
Elastic
Elastic
added 2025/12/18 9:24 p.m.11 views

Kibana 8.19.9, 9.1.9, and 9.2.3 Security Update (ESA-2025-34)

Kibana Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' ESA-2025-34 Improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 allows an authenticated user to embed a malicious script in content that will be served to web browsers...

7.2CVSS5AI score0.00205EPSS
Exploits0
Elastic
Elastic
added 2025/12/18 9:16 p.m.11 views

Packetbeat 8.19.9, 9.1.9, and 9.2.3 Security Update (ESA-2025-31)

Packetbeat Out-of-bounds Read ESA-2025-31 Out-of-bounds read CWE-125 allows an unauthenticated remote attacker to perform a buffer overflow CAPEC-100 via the NFS protocol dissector, leading to a denial-of-service DoS through a reliable process crash when handling truncated XDR-encoded RPC message...

6.5CVSS5.8AI score0.002EPSS
Exploits0
Elastic
Elastic
added 2025/10/13 1:44 p.m.11 views

Elastic Cloud Enterprise (ECE) 3.8.2 and 4.0.2 Security Update (ESA-2025-21)

Elastic Cloud Enterprise ECE Improper Neutralization of Special Elements Used in a Template Engine ESA-2025-21 Improper neutralization of special elements used in a template engine in Elastic Cloud Enterprise ECE can lead to a malicious actor with Admin access exfiltrating sensitive information a...

9.1CVSS6.9AI score0.00578EPSS
Exploits0
Elastic
Elastic
added 2025/10/06 4:20 p.m.11 views

Kibana 8.18.8, 8.19.5, 9.0.8, and 9.1.5 Security Update (ESA-2025-20)

Kibana Cross-Site Scripting XSS ESA-2025-20 Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload. Affected Versions: 7.x: All versions prior to and including 7.17.29 8.x: All versions from 8.0.0 up to and including 8.18.7 8.19.x: All...

8.7CVSS5.2AI score0.00223EPSS
Exploits0
Elastic
Elastic
added 2025/05/06 4:33 p.m.11 views

Logstash 8.17.6, 8.18.1, and 9.0.1 Security Update (ESA-2025-08)

Logstash Improper Certificate Validation in TCP output ESA-2025-08 Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle MitM attack in “client” mode, as hostname verification in TCP output was not being performed when the sslverificationmode = full was set...

6.5CVSS6.8AI score0.00145EPSS
Exploits0
Elastic
Elastic
added 2025/05/01 10:11 a.m.11 views

Elastic Agent 7.17.25 and 8.15.4 Security Update (ESA-2024-39)

Elastic Agent Inclusion of Functionality from Untrusted Control Sphere ESA-2024-39 Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection. An attacker requires local access and the...

7.8CVSS7.7AI score0.00168EPSS
Exploits0
Elastic
Elastic
added 2025/03/05 9:41 a.m.11 views

Kibana 8.17.3 / 8.16.6 Security Update (ESA-2025-06)

Kibana arbitrary code execution via prototype pollution ESA-2025-06 Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and specifically crafted HTTP requests. In Kibana versions = 8.15.0 and = 8.15.0 and = 8.17.0 and 8.17.3 Solutions and Mitigations: Users...

9.9CVSS8AI score0.01248EPSS
Exploits0
Elastic
Elastic
added 2025/01/22 3:9 p.m.11 views

Fleet Server 8.15.0 Security Update ( ESA-2024-31)

Fleet Server sensitive information exposure via logs ESA-2024-31 An issue was identified in Fleet Server where Fleet policies that could contain sensitive information were logged on INFO and ERROR log levels. The nature of the sensitive information largely depends on the integrations enabled...

9CVSS6.6AI score0.00269EPSS
Exploits0
Elastic
Elastic
added 2024/09/05 7:19 p.m.11 views

Kibana 8.15.1 Security Update (ESA-2024-27, ESA-2024-28)

Kibana arbitrary code execution via YAML deserialization in Amazon Bedrock Connector ESA-2024-27 A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. This issue only affects users that use Elastic...

9.9CVSS8AI score0.01257EPSS
Exploits0
Elastic
Elastic
added 2024/08/05 10:23 p.m.11 views

Kibana 8.14.2 / 7.17.23 Security Update (ESA-2024-22)

Kibana arbitrary code execution via prototype pollution ESA-2024-22 A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML and Alerting connector features, as well as write access to internal ML indices can trigger a prototype pollution vulnerability,...

9.1CVSS7.7AI score0.01648EPSS
Exploits0
Elastic
Elastic
added 2024/07/30 9:22 p.m.11 views

Kibana 7.17.23/8.14.0 Security Update (ESA-2024-16)

Kibana Denial of Service issue ESA-2024-16 An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to crash by sending a large number of maliciously crafted requests to a specific endpoint. Affected Versions: Kibana 8.x versions prior to 8.14.0 and Kibana 7.x...

6.5CVSS6.7AI score0.00413EPSS
Exploits0
Elastic
Elastic
added 2024/06/28 4:54 a.m.11 views

Elastic Cloud Enterprise 3.7.2 Security Update (ESA-2024-18)

ECE Improper Authorization ESA-2024-18 It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated privileges. Affected Versions: ECE versions after 3.0.0 and...

9.8CVSS6.9AI score0.00603EPSS
Exploits0
Elastic
Elastic
added 2024/06/14 4:47 a.m.11 views

Kibana 8.14.0/7.17.22 Security Update (ESA-2024-11)

Kibana uncontrolled resource consumption ESA-2024-11 A high-privileged user, allowed to create custom osquery packs could affect the availability of Kibana by uploading a maliciously crafted osquery pack. Affected Versions: Kibana versions after 7.13.0 and before 7.17.22 and versions after 8.0.0...

4.9CVSS6.8AI score0.01764EPSS
Exploits1
Elastic
Elastic
added 2021/12/15 10:21 p.m.11 views

Elasticsearch 5.0.0-5.6.10 and 6.0.0-6.3.2: Log4j CVE-2021-44228, CVE-2021-45046 remediation

Note — If you are not running Elasticsearch 5.0.0-5.6.10 or 6.0.0-6.3.2, these instructions do not apply. Please follow the guidance in themain announcement. Instructions for removing JndiLookup from the log4j-core JAR file​ These instructions only apply to users running Elasticsearch versions...

10CVSS7.6AI score0.99999EPSS
Exploits353
Elastic
Elastic
added 2021/12/10 9:42 p.m.11 views

Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31

Subject: Apache Log4j2 Vulnerability - CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-44832 - ESA-2021-31 ​​Note - We will update this announcement with new details as they emerge from our analysis. Please check back periodically. Update Log Dec 16, 2021 - 04:20 UTC - Update Summary: EC...

10CVSS8.8AI score0.99999EPSS
Exploits358
Elastic
Elastic
added 2021/11/18 5:41 p.m.11 views

APM Java Agent Security Update

APM Java Agent Local Privilege Escalation issue ESA-2021-29 A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. Using this vector, a malicious or compromised user account...

7.8CVSS7.1AI score0.00208EPSS
Exploits0
Elastic
Elastic
added 2021/07/20 3:14 p.m.11 views

Elasticsearch 7.13.4 Security Update

Elasticsearch memory disclosure issue ESA-2021-16 A memory disclosure vulnerability was identified in Elasticsearch’s error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing...

6.5CVSS7.8AI score0.76249EPSS
Exploits6
Elastic
Elastic
added 2019/10/23 4:7 p.m.11 views

Elastic Stack 7.4.1 security update

Logstash Beats input denial of service flaw ESA-2019-14 A denial of service flaw was found in the Logstash beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop...

7.5CVSS6.7AI score0.0153EPSS
Exploits0
Elastic
Elastic
added 2026/02/26 4:51 p.m.10 views

Packetbeat 8.19.11, 9.2.5 Security Update (ESA-2026-10)

Improper Validation of Array Index in Packetbeat Leading to Denial of Service Improper Validation of Array Index CWE-129 in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted packet causing a Go...

5.7CVSS5.5AI score0.00454EPSS
Exploits0
Elastic
Elastic
added 2026/01/13 8:45 p.m.10 views

Kibana 8.19.10, 9.1.10, 9.2.4 Security Update (ESA-2026-03)

Allocation of Resources Without Limits or Throttling in Kibana Leading to Excessive Allocation ESA-2026-03 Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted request. This causes the application to perfor...

6.5CVSS6.9AI score0.00273EPSS
Exploits0
Elastic
Elastic
added 2026/01/13 8:43 p.m.10 views

Packetbeat 8.19.10, 9.1.10, 9.2.4 Security Update (ESA-2026-02)

Improper Validation of Array Index in Packetbeat Leading to Overflow Buffers ESA-2026-02 Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacke...

6.5CVSS6.9AI score0.00197EPSS
Exploits0
Elastic
Elastic
added 2025/08/28 3:35 p.m.10 views

Kibana 9.0.6, 9.1.3 Security Update (ESA-2025-13)

Kibana privilege escalation viareportinguser role ESA-2025-13 Incorrect authorization in Kibana can lead to privilege escalation via the built-in reportinguser role which incorrectly has the ability to access all Kibana Spaces. Affected Versions: Kibana versions starting from and including 9.0.0,...

6.5CVSS5.4AI score0.00254EPSS
Exploits0
Elastic
Elastic
added 2025/08/18 2:9 a.m.10 views

Elastic Response to Blog ‘EDR 0-Day Vulnerability’

Updated: August 29, 2025 Elastic has been directly engaging with the independent researcher. After evaluating additional information provided by the researcher, our original assessment still stands. To confirm we are responsibly assessing this report and providing an unbiased perspective, we are...

8.5AI score
Exploits0
Elastic
Elastic
added 2025/07/29 11:32 p.m.10 views

Beats (Windows Installer) 8.18.6, 8.19.3, 9.0.6, & 9.1.0 Security Update (ESA-2025-12)

Beats Uncontrolled Search Path Element can lead to Local Privilege Escalation LPE when using the Windows Installer ESA-2025-12 An uncontrolled search path element vulnerability can lead to local privilege Escalation LPE via Insecure Directory Permissions. The vulnerability arises from improper...

7CVSS5.7AI score0.00138EPSS
Exploits0
Elastic
Elastic
added 2025/06/24 5:1 p.m.10 views

Kibana 7.17.29, 8.17.8, 8.18.3, 9.0.3 Security Update (ESA-2025-10)

Kibana Open Redirect ESA-2025-10 URL redirection to an untrusted site 'Open Redirect' in Kibana can lead to sending a user to an arbitrary site and server-side request forgery via a specially crafted URL. Affected Versions: Kibana versions up to and including 7.17.28, 8.0.0 up to and including...

5.4CVSS6.8AI score0.0039EPSS
Exploits0
Elastic
Elastic
added 2025/05/01 10:15 a.m.10 views

Kibana 7.17.19 and 8.13.0 Security Update (ESA-2024-47)

Kibana Unrestricted Upload of File ESA-2024-47 Unrestricted file upload in Kibana allows an authenticated attacker to compromise software integrity by uploading a crafted malicious file due to insufficient server-side validation. Affected Versions: 7.17.0 to 7.17.18 and 8.0.0 to 8.12.3 Solutions...

4.3CVSS6.9AI score0.00274EPSS
Exploits0
Elastic
Elastic
added 2025/05/01 10:6 a.m.10 views

Elastic Agent / Elastic Endpoint Security Security Update (ESA-2025-03)

Elastic Agent / Elastic Endpoint Security local API key disclosure ESA-2025-03 Exposure of sensitive information to local unauthorized actors in Elastic Agent and Elastic Security Endpoint can lead to loss of confidentiality and impersonation of Endpoint to the Elastic Stack. This issue was...

7.1CVSS6.2AI score0.00153EPSS
Exploits0
Elastic
Elastic
added 2025/04/08 3:57 p.m.10 views

Elastic Defend 8.17.3 Security Update (ESA-2025-05)

Elastic Defend Insertion of Sensitive Information into Log Files ESA-2025-05 Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack. This...

6.5CVSS6.5AI score0.00311EPSS
Exploits0
Elastic
Elastic
added 2025/01/22 3:4 p.m.10 views

Kibana 8.15.0 Security Update (ESA-2024-29, ESA-2024-30)

Kibana server-side request forgery ESA-2024-29 A server side request forgery vulnerability was identified in Kibana where the /api/fleet/healthcheck API could be used to send requests to internal endpoints. Due to the nature of the underlying request, only endpoints available over https that retu...

7.7CVSS6.4AI score0.0041EPSS
Exploits0
Elastic
Elastic
added 2024/06/06 3:32 a.m.10 views

Elasticsearch 8.14.0 Security Update (ESA-2024-13)

Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions ESA-2024-13 It was identified that if a cross-cluster API key restricts search for a given index using the query or the fieldsecurity parameter, and the same cross-cluster API key also grants replication for the...

6.5CVSS6.9AI score0.00456EPSS
Exploits0
Elastic
Elastic
added 2024/04/22 9:19 a.m.10 views

Elastic Security Statement for CVE-2024-3094, xz versions 5.6.0 and 5.6.1

Elastic Products are not affected by this issue. On March 29th, 2024, Elastic became aware of the malicious code planted in the xz package. Elastic has performed an investigation to identify any Elastic Products which may be impacted by this issue and we have concluded that no Elastic products us...

10CVSS7.2AI score0.85974EPSS
Exploits40
Elastic
Elastic
added 2024/03/27 4:53 p.m.10 views

Elasticsearch 8.13.0 Security Update (ESA-2024-07)

Elasticsearch Improper Authorization in the Remote Cluster Security API key based security model ESA-2024-07 It was identified by the Elastic engineering team that the API key based security model for Remote Cluster Security, which is currently in Beta, is affected by an improper authorization...

6.5CVSS6.9AI score0.00435EPSS
Exploits0
Elastic
Elastic
added 2024/02/06 10:23 p.m.10 views

Elastic Network Drive Connector 8.12.1 Security Update (ESA-2024-02)

Elastic Network Drive Connector Improper Access Control ESA-2024-02 An issue was discovered in the Windows Network Drive Connector when using Document Level Security to assign permissions to a file, with explicit allow write and deny read. Although the document is not accessible to the user in...

6.5CVSS7AI score0.00365EPSS
Exploits0
Elastic
Elastic
added 2023/11/14 6:38 p.m.10 views

Kibana 8.11.1 Security Update (ESA-2023-25)

Kibana Insertion of Sensitive Information into Log File ESA-2023-25 An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error. Elastic has released Kibana 8.11.1 which resolves this issue. The error message recorded in the log may...

8CVSS6.6AI score0.00656EPSS
Exploits0
Elastic
Elastic
added 2023/09/06 10:30 p.m.10 views

Elasticsearch 8.9.2 and 7.17.13 Security Update

Elasticsearch Insertion of sensitive information in audit logs ESA-2023-12 Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for API...

4.4CVSS7.5AI score0.00228EPSS
Exploits0
Elastic
Elastic
added 2023/02/03 2:30 p.m.10 views

Elastic 7.17.9, 8.5.0 and 8.6.1 Security Update

Kibana authenticated Denial of Service issue ESA-2023-02 A flawCVE-2022-38900 was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to to perform a request that crashes the Kibana server process. Affected Versions: Kibana Versions 7.0.0 through 7.17.8...

7.8CVSS6.8AI score0.24928EPSS
Exploits1
Elastic
Elastic
added 2022/09/28 4:15 a.m.10 views

Elastic Cloud Enterprise 3.1.1 Security Update

Elastic Cloud Enterprise Sensitive information disclosure issue ESA-2022-11 A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster. Affected Versions: Elastic...

5.3CVSS6.2AI score0.00532EPSS
Exploits0
Elastic
Elastic
added 2022/02/28 9:24 p.m.10 views

Elastic Stack 7.17.1 Security Update

Elasticsearch privilege escalation issue ESA-2022-02 A flaw was discovered in elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “” index permissions access to this...

6.1CVSS5.2AI score0.00909EPSS
Exploits0
Elastic
Elastic
added 2021/11/10 7:18 p.m.10 views

Kibana 7.15.2 Security Update

Kibana Path Traversal issue ESA-2021-26 It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files ending in the...

4.3CVSS6.3AI score0.00697EPSS
Exploits0
Elastic
Elastic
added 2021/07/07 5:23 p.m.10 views

Elasticsearch 7.13.3 and 6.8.17 Security Update

Elasticsearch Denial of Service issue ESA-2021-15 An uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that wi...

6.5CVSS6.8AI score0.0166EPSS
Exploits0
Elastic
Elastic
added 2020/05/13 7:40 p.m.10 views

Enterprise Search 7.7.0 security update

Elastic App Search Cross Site Scripting flaw ESA-2020-04 Elastic App Search versions before 7.7.0 contain a cross site scripting XSS flaw when displaying document URLs in the Reference UI. If the Reference UI injects a URL into a result, that URL will be rendered by the web browser. If an attacke...

6.1CVSS5.8AI score0.00983EPSS
Exploits0
Elastic
Elastic
added 2020/03/04 6:1 p.m.10 views

Elastic Stack 6.8.7 and 7.6.1 security update

Kibana Node.js security flaws ESA-2020-01 The version of Node.js shipped in all versions of Kibana prior to 7.6.1 and 6.8.7 contain three security flaws. CVE-2019-15604 describes a Denial of Service DoS flaw in the TLS handling code of Node.js. Successful exploitation of this flaw could result in...

9.8CVSS9.6AI score0.57132EPSS
Exploits2
Elastic
Elastic
added 2019/10/01 3:3 p.m.10 views

Elastic Stack 7.4.0 security update

Elastic Code local file disclosure flaw ESA-2019-12 A local file disclosure flaw was found in Elastic Code. If a malicious code repository is imported into Code it is possible to read arbitrary files from the local filesystem of the Kibana instance running Code with the permission of the Kibana...

6.5CVSS6.7AI score0.02429EPSS
Exploits0
Total number of security vulnerabilities248