github.com/elastic/cloud-on-k8s uses an insecure random number generator. Passwords are generated using an insecure random number generator, which would allow an attacker to easily brute-force and discover the Elasticsearch credentials generated by ECK.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/elastic/cloud-on-k8s | eq | 1.0.0 | |
github.com/elastic/cloud-on-k8s | eq | 1.0.0 |