248 matches found
Elastic Stack 6.6.1 and 5.6.15 security update
Kibana XSS issue ESA-2019-01 Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting XSS vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. Affected Versions Kibana versions before 5.6.15 and...
Elastic Stack 6.5.2 security update
Elasticsearch information disclosure ESA-2018-19 Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning’s findfilestructure API. If a policy allowing external network access has been added to Elasticsearch’s Java Security Manager then an attacker could send a...
Elastic Cloud Enterprise 1.1.4 security update
Elastic Cloud Enterprise use of shared encryption key ESA-2018-09 In Elastic Cloud Enterprise ECE versions prior to 1.1.4 a default master encryption key is used in the process of granting ZooKeeper access to Elasticsearch clusters. Unless explicitly overwritten, this master key is predictable...
Elastic Stack 6.2.4 and 5.6.9 security update
X-Pack Machine Learning XSS vulnerability ESA-2018-06 X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-site scripting XSS vulnerability. Users with manageml permissions could create jobs containing malicious data as part of their configuration that could allow the attacker to...
Kibana 6.1.1 security update
Kibana arbitrary code execution issue ESA-2017-24 Kibana version 6.1.0 had an arbitrary code execution vulnerability in the Math.js package which is used by math aggregations in Time Series Visual Builder. Kibana users could construct a math aggregation capable of executing arbitrary code on the...
Beats 5.6.4 security update
Packetbeat denial of service ESA-2017-21 Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could...
Elastic Cloud Enterprise 1.0.2 security update
Elastic Cloud Enterprise unsecured communication ESA-2017-13 The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt traffic to ZooKeeper. If an attacker is able to man in the middle MITM the traffic between the client-forwarder and ZooKeeper they could...
Elastic Stack 5.4.1 and 5.3.3 Security updates
X-Pack 5.4.1 privilege escalation ESA-2017-06 X-Pack 5.4.1 has been released which fixes a privilege escalation bug in the runas functionality. This bug prevents transitioning into the specified user specified in a runas request. If a role has been created using a template that contains the user...
Elasticsearch remote code execution CVE-2015-5377
Summary Elasticsearch versions prior to 1.6.1 are vulnerable to an engineered attack on its transport protocol that enables remote code execution. This issue is related to the Groovy announcement in CVE-2015-3253. Deployments are vulnerable even when Groovy dynamic scripting is disabled. We have...
Elasticsearch Engineered Attack Vulnerability CVE-2015-4165
Summary: Elasticsearch versions 1.0.0 - 1.5.2 are vulnerable to an engineered attack on other applications on the system. The snapshot API may be used indirectly to place snapshot metadata files into locations that are writeable by the user running the Elasticsearch process. It is possible to...
Kibana 7.17.15, 8.11.1 Security Update (ESA-2026-53)
Improper Output Neutralization for Logs in Kibana Leading to Log Injection Improper Output Neutralization for Logs CWE-117 in Kibana can lead to log injection via Log Injection-Tampering-Forging CAPEC-93. An attacker can supply specially crafted input that is written to log files without proper...
Kibana 8.18.9, 8.19.6, 9.0.8, 9.1.6 Security Update (ESA-2026-50)
Insertion of Sensitive Information into Log File in Kibana Leading to Information Disclosure Insertion of Sensitive Information into Log File CWE-532 in Kibana can lead to information disclosure. When the optional application performance monitoring APM instrumentation is enabled, sensitive reques...
Fleet Server 8.19.15, 9.3.4, 9.4.0 Security Update (ESA-2026-41)
Dependency on Vulnerable Third-Party Component in Fleet Server Leading to Denial of Service Dependency on Vulnerable Third-Party Component CWE-1395 exists in the Go standard library used by Fleet Server that could allow a remote attacker to cause denial of service by sending a specially crafted...
Elastic Cloud on Kubernetes (ECK) 2.8 Security Update
Elastic Cloud on Kubernetes ECK secret token configuration issue ESA-2023-11 Secret token configuration is never applied when using ECK =8.0. This could lead to anonymous requests to an APM Server being accepted and the data ingested into this APM deployment. Affected Versions: Elastic Cloud on...
Elasticsearch 8.9.1 / 7.17.13 Security Update
Elasticsearch StackOverflow vulnerability ESA-2023-14 A flaw was discovered in Elasticsearch, affecting the search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service. Affected Versions: Elasticsearch versions from 7.0.0 to 7.17.12 and fr...
Elasticsearch Security Statement regarding CVE-2022-1471
Elasticsearch is not affected by this issue. Elasticsearch is not affected by the issue described in CVE-2022-1471 as, in general, it does not use Snakeyaml to parse YAML. Summary Elasticsearch supports YAML as a format for search queries, and it also uses YAML for its configuration files i.e...
Elastic Stack 7.14.1 Security Update
Kibana code execution issue ESA-2021-21 It was discovered that a user with fleet admin permissions could upload a malicious package. Due to using an older version of the js-yaml library, this package would be loaded in an insecure manner, allowing an attacker to execute commands on the kibana...
Elastic Stack 6.6.2 and 5.6.16 security update
Winlogbeat insufficient logging issue ESA-2019-06 Nate Guagenti @ neu5ron, solutions engineer with Perched Inc. reported an issue in Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient logging flaw. An attacker able to inject certain characters into a log entry could prevent Winlogbea...
Elastic Stack 6.2.3 security update
X-Pack Security SAML vulnerability ESA-2018-07 X-Pack Security versions 6.2.0, 6.2.1, and 6.2.2 are vulnerable to a user impersonation attack via incorrect XML canonicalization and DOM traversal. An attacker might have been able to impersonate a legitimate user if the SAML Identity Provider allow...
Elastic Stack 6.1.2 and 5.6.6 security update
Logstash sensitive information disclosure issue ESA-2018-01 When logging warnings regarding deprecated settings, Logstash could inadvertently log sensitive information. Affected Versions All versions before 6.1.2 and 5.6.6 Solutions and Mitigations: Users should upgrade to Logstash version 6.1.2 ...
X-Pack Security 5.6.0 and 5.5.3 security update
X-Pack Security permission issue ESA-2017-18 An error was found in the X-Pack Security privilege enforcement. If a user has either ‘delete’ or ‘index’ permissions on an index in a cluster, they may be able to issue both delete and index requests against that index. Previously if a user had bulk...
X-Pack Security 5.5.2 security update
X-Pack Security TLS certificate verification error ESA-2017-15 An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If reloading the trust material fails the trust manager will be replaced with an instance that trusts all certificates. This could allow any node...
Kibana 5.5.2 and 4.6.5 security update
Kibana markdown parser Cross Site Scripting XSS error ESA-2017-16 Kibana versions prior to 5.5.2 had a cross-site scripting XSS vulnerability in the markdown parser that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users...
Logstash 5.0.1 released with a security patch
Hi all, we would like to announce that Logstash 5.0.1 has been released with an important security patch. Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials. We advise our users using Logstash and...
Logstash 2.3.2 Vulnerability with Netflow codec plugin
Hi all, we've published ESA-2016-06 for a vulnerability in netflow codec plugin for Logstash 2.3.2. Thanks to Jorrit Folmer maintainer of netflow codec for reporting and fixing this issue. Details below: Vulnerability Summary: In Logstash versions prior to 2.3.3, when using the Netflow Codec...
Kibana 4.4.2, 4.3.3, 4.1.6 - Updated node.js versions due to upstream vulnerabilities
Same deal as last month, but we've bumped all 3 version to node v4.3.2 to cover security issues in node.js. You can read their maintenance announcement here: https://nodejs.org/en/blog/release/v4.3.2/ Check out the blog post with release notes or grab the latest version...
Kibana Cross-site Request Forgery CVE-2015-8131
CVE: CVE-2015-8131 Affected versions: All versions up to and including 4.1.2 and 4.2.0. The vulnerability is a cross-site request forgery CSRF or XSRF that could allow an attacker to read and write changes to the .kibana index or gain read and write access to Kibana plugin actions. Remediation: A...
Elasticsearch directory traversal vulnerability CVE-2015-5531
Summary Elasticsearch versions from 1.0.0 to 1.6.0 are vulnerable to a directory traversal attack that allows an attacker to retrieve files that are readable by the Elasticsearch JVM process. We have been assigned CVE-2015-5531 for this issue. Fixed versions Versions 1.6.1 and 1.7.0 address the...
Kibana Cross-Site Scripting Vulnerability CVE-2015-4093
Summary: Kibana versions 4.0.0, 4.0.1 and 4.0.2 are vulnerable to a cross-site scripting XSS attack. The attack allows execution of arbitrary JavaScript in the context of the user’s browser. We have been assigned CVE-2015-4093 for this issue. Fixed versions: Version 4.0.3 has addressed the...
Elasticsearch 7.17.24, 8.15.0 Security Update (ESA-2026-52)
Uncontrolled Resource Consumption in Elasticsearch Leading to Denial of Service Uncontrolled Resource Consumption CWE-400 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk request that causes sustained hi...
Elastic Defend 8.19.13, 9.2.7, 9.3.2 Security Update (ESA-2026-46)
Incorrect Authorization in Elastic Defend Leading to Information Disclosure Incorrect Authorization CWE-863 in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs CAPEC-1. Under certain conditions, a low-privileged...
Fleet Server 8.19.11, 9.2.5, 9.3.0 Security Update (ESA-2026-44)
Allocation of Resources Without Limits or Throttling in Fleet Server Leading to Denial of Service Allocation of Resources Without Limits or Throttling CWE-770 in Fleet Server can lead to a denial of service via Excessive Allocation CAPEC-130. An attacker can submit a specially crafted request to ...
Elasticsearch 8.19.17, 9.3.6, 9.4.3 Security Update (ESA-2026-43)
Allocation of Resources Without Limits or Throttling in Elasticsearch Leading to Denial of Service Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. A user with elevated privileges can submit a special...
Elasticsearch 8.13.0 / 7.17.19 Security Update (ESA-2024-06)
Elasticsearch Uncontrolled Resource Consumption vulnerability ESA-2024-06 A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash. Affected Versions: Elasticsearch versions on or after 7.0.0 and...
Beats 7.10.1 Security Update
Beats Denial of Service issue ESA-2020-16 A denial of service flaw when parsing malformed TLS public keys was discovered in Go, the language used to implement Beats. If Beats is configured to listen for Syslog over TLS, or if Beats is making outbound connections over HTTPS, a remote attacker coul...
X-Pack Alerting and Kibana 5.6.1 security update
X-Pack alerting privileged user multiple issues An error was found in the permission model used by X-Pack alerting whereby users mapped to certain built-in roles could create a watch that results in that user gaining elevated privileges. Affected Versions: 5.0.0 to 5.6.0 Solutions and Mitigations...
Elastic Stack 5.5 Security update
Elasticsearch X-Pack Security user credentials disclosure ESA-2017-10 Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, can result in the Elasticsearch nodes API leaking sensitive configuration information, such as the paths and passphrases of SSL keys that were configured as...
Protect your data from ransom attacks
I wanted to bring attention to two blog posts we have done recently in response to the recent set of data ransom attacks affecting Elasticsearch and other systems. The two are: For Elasticsearch: Protecting Against Attacks that Hold Your Data for Ransom For Kibana: Guarding Kibana from Data...
Kibana 5.0.2 released with a fix for improper authentication
With X-Pack installed, operations in the Advanced Settings panel of the Management tab and operations from the short URL service were performed as the "Kibana Server" user regardless of the user that is currently authenticated. As a result, a user that was defined as read-only could make changes ...
Kibana 4.6.2 released with a security fix for an XSS vulnerability
Today, we've published Kibana 4.6.2 as a security release with a fix for an XSS vulnerability with field formatters. Any users of Kibana versions 4.3 to 4.6 are encouraged to update to 4.6.2 immediately. Kibana version 4.1.11 is not affected. Kibana installs on Elastic Cloud have been updated...
Logstash 2.3.3 Elasticsearch Output Vulnerability
Hi all, we would like to announce a security vulnerability we discovered in our testing. Logstash 2.3.4 has been released with a patch to fix this. Issue Prior to version 2.3.4, Elasticsearch Output plugin would log to file HTTP authorization headers which could contain sensitive information...
Kibana 8.19.17, 9.3.6, 9.4.3 Security Update (ESA-2026-45)
Improper Input Validation in Kibana Leading to Denial of Service Improper Input Validation CWE-20 in Kibana can lead to a denial of service via Input Data Manipulation CAPEC-153. An authenticated user can submit a specially crafted Fleet policy input that is not correctly validated, which can...
Logstash 2.2.1 Elasticsearch Output Vulnerability
Logstash version 2.2.1 is vulnerable to a man in the middle attack when used with Elasticsearch output. In version 2.2.1, the config which enables SSL/TLS default has been disabled inadvertently, so a malicious user could access payload data sent via HTTP during the initial handshake. This has be...
Kibana 4.4.1, 4.3.2, 4.1.5 - Updated node.js versions due to upstream vulnerabilities
Summary: The bundled versions of node.js in Kibana contain HTTP-related security vulnerabilities. Fixed versions of node.js were recently released. For the original node.js security announcement, see https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/ Fixed versions: Kibana...
Logstash CSV Output Vulnerability - CVE pending
Summary: Logstash 2.2 and prior versions are vulnerable to a formula based injection, when using the CSV output plugin. This plugin allows users to export data in comma separated values and is susceptible to an attack if the values contained a spreadsheet formula. This vulnerability is not presen...
Kibana 4.x XSS -- CVE pending
Summary Kibana versions up to and including 4.3.0, 4.2.1, and 4.1.3 are vulnerable to a cross-site scripting XSS attack. The attack allows execution of arbitrary JavaScript in the context of the user’s browser. We have requested a CVE number and will update our forum post and website when the...
Kibana 3.1.3
We've identified two content sanitation issues in Kibana 3. While these are low impact and difficult to trigger we're releasing Kibana 3.1.3 to correct them: https://www.elastic.co/downloads/past-releases/kibana-3-1-3...
Elastic Stack 5.5.1 and Kibana 4.6.5 security update
Kibana Node.js security flaw ESA-2017-14 The version of Node.js shipped in all versions of Kibana prior to 5.5.1 contains a Denial of Service flaw in it's HashTable random seed. This flaw could allow a remote attacker to consume resources within Node.js preventing Kibana from servicing requests...