Search

Find a vulnerability

Search criteria

    16 vulnerabilities found for Elastic Cloud Enterprise by Elastic

    CERTFR-2025-AVI-0953

    Vulnerability from certfr_avis - Published: 2025-11-03 - Updated: 2025-11-03

    Une vulnérabilité a été découverte dans Elastic Cloud Enterprise. Elle permet à un attaquant de provoquer une élévation de privilèges.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Elastic Elastic Cloud Enterprise Elastic Cloud Enterprise versions 3.8.x antérieures à 3.8.3
    Elastic Elastic Cloud Enterprise Elastic Cloud Enterprise versions 4.0.x antérieures à 4.0.3
    References
    Bulletin de sécurité Elastic ESA-2025-22 2025-10-31 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Elastic Cloud Enterprise versions 3.8.x ant\u00e9rieures \u00e0 3.8.3",
          "product": {
            "name": "Elastic Cloud Enterprise",
            "vendor": {
              "name": "Elastic",
              "scada": false
            }
          }
        },
        {
          "description": "Elastic Cloud Enterprise versions 4.0.x ant\u00e9rieures \u00e0 4.0.3",
          "product": {
            "name": "Elastic Cloud Enterprise",
            "vendor": {
              "name": "Elastic",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-37736",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-37736"
        }
      ],
      "initial_release_date": "2025-11-03T00:00:00",
      "last_revision_date": "2025-11-03T00:00:00",
      "links": [],
      "reference": "CERTFR-2025-AVI-0953",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-11-03T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "\u00c9l\u00e9vation de privil\u00e8ges"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Elastic Cloud Enterprise. Elle permet \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges.",
      "title": "Vuln\u00e9rabilit\u00e9 dans Elastic Cloud Enterprise",
      "vendor_advisories": [
        {
          "published_at": "2025-10-31",
          "title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-22",
          "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-ece-3-8-3-and-4-0-3-security-update-esa-2025-22/383132"
        }
      ]
    }

    CERTFR-2025-AVI-0866

    Vulnerability from certfr_avis - Published: 2025-10-14 - Updated: 2025-10-14

    Une vulnérabilité a été découverte dans Elastic Cloud Enterprise. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Elastic Elastic Cloud Enterprise Elastic Cloud Enterprise versions antérieures à 3.8.2
    Elastic Elastic Cloud Enterprise Elastic Cloud Enterprise versions 4.0.x antérieures à 4.0.2
    References
    Bulletin de sécurité Elastic ESA-2025-21 2025-10-13 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Elastic Cloud Enterprise versions ant\u00e9rieures \u00e0 3.8.2",
          "product": {
            "name": "Elastic Cloud Enterprise",
            "vendor": {
              "name": "Elastic",
              "scada": false
            }
          }
        },
        {
          "description": "Elastic Cloud Enterprise versions 4.0.x ant\u00e9rieures \u00e0 4.0.2",
          "product": {
            "name": "Elastic Cloud Enterprise",
            "vendor": {
              "name": "Elastic",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-37729",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-37729"
        }
      ],
      "initial_release_date": "2025-10-14T00:00:00",
      "last_revision_date": "2025-10-14T00:00:00",
      "links": [],
      "reference": "CERTFR-2025-AVI-0866",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-10-14T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Elastic Cloud Enterprise. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
      "title": "Vuln\u00e9rabilit\u00e9 dans Elastic Cloud Enterprise",
      "vendor_advisories": [
        {
          "published_at": "2025-10-13",
          "title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-21",
          "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-ece-3-8-2-and-4-0-2-security-update-esa-2025-21/382641"
        }
      ]
    }

    CERTFR-2024-AVI-0466

    Vulnerability from certfr_avis - Published: 2024-06-06 - Updated: 2024-06-06

    De multiples vulnérabilités ont été découvertes dans les produits Elastic. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Elastic Elastic Cloud Enterprise Elastic Cloud Enterprise versions antérieures à 3.7.1
    Elastic Kibana Kibana versions 8.x.x postérieures à 8.6.3 et antérieures à 8.14.0
    Elastic Elasticsearch Elasticsearch versions 8.x.x postérieures à 8.10.0 et antérieures à 8.14.0
    References
    Bulletin de sécurité Elastic ESA-2024-15 2024-06-05 vendor-advisory
    Bulletin de sécurité Elastic ESA-2024-08 2024-06-05 vendor-advisory
    Bulletin de sécurité Elastic ESA-2024-13 2024-06-06 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Elastic Cloud Enterprise versions ant\u00e9rieures \u00e0 3.7.1",
          "product": {
            "name": "Elastic Cloud Enterprise",
            "vendor": {
              "name": "Elastic",
              "scada": false
            }
          }
        },
        {
          "description": "Kibana versions 8.x.x post\u00e9rieures \u00e0 8.6.3 et ant\u00e9rieures \u00e0 8.14.0",
          "product": {
            "name": "Kibana",
            "vendor": {
              "name": "Elastic",
              "scada": false
            }
          }
        },
        {
          "description": "Elasticsearch versions 8.x.x post\u00e9rieures \u00e0 8.10.0 et ant\u00e9rieures \u00e0 8.14.0",
          "product": {
            "name": "Elasticsearch",
            "vendor": {
              "name": "Elastic",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2023-45288",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
        },
        {
          "name": "CVE-2024-37279",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-37279"
        },
        {
          "name": "CVE-2024-23445",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23445"
        }
      ],
      "initial_release_date": "2024-06-06T00:00:00",
      "last_revision_date": "2024-06-06T00:00:00",
      "links": [],
      "reference": "CERTFR-2024-AVI-0466",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2024-06-06T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
      "vendor_advisories": [
        {
          "published_at": "2024-06-05",
          "title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-15",
          "url": "https://discuss.elastic.co/t/kibana-8-14-0-security-update-esa-2024-15/360887"
        },
        {
          "published_at": "2024-06-05",
          "title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-08",
          "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-7-0-security-update-esa-2024-08/360888"
        },
        {
          "published_at": "2024-06-06",
          "title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-13",
          "url": "https://discuss.elastic.co/t/elasticsearch-8-14-0-security-update-esa-2024-13/360898"
        }
      ]
    }

    CERTFR-2022-AVI-865

    Vulnerability from certfr_avis - Published: 2022-09-29 - Updated: 2022-09-29

    Une vulnérabilité a été découverte dans Elastic Cloud Enterprise. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

    Solution

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    None
    Impacted products
    Vendor Product Description
    Elastic Elastic Cloud Enterprise Elastic Cloud Enterprise versions antérieures à 3.1.1
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Elastic Cloud Enterprise versions ant\u00e9rieures \u00e0 3.1.1",
          "product": {
            "name": "Elastic Cloud Enterprise",
            "vendor": {
              "name": "Elastic",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": null,
      "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
      "cves": [
        {
          "name": "CVE-2022-23716",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23716"
        }
      ],
      "initial_release_date": "2022-09-29T00:00:00",
      "last_revision_date": "2022-09-29T00:00:00",
      "links": [],
      "reference": "CERTFR-2022-AVI-865",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2022-09-29T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Elastic Cloud Enterprise. Elle\npermet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
      "title": "Vuln\u00e9rabilit\u00e9 dans Elastic Cloud Enterprise",
      "vendor_advisories": [
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Elastic 315317 du 28 septembre 2022",
          "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-1-1-security-update/315317"
        }
      ]
    }

    CVE-2024-37282 (GCVE-0-2024-37282)

    Vulnerability from nvd – Published: 2024-06-28 04:58 – Updated: 2024-08-02 03:50
    VLAI
    Summary
    It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Elastic Elastic Cloud Enterprise Affected: 3.0.0 , < 3.7.2 (semver)
    Create a notification for this product.
    elastic elastic_cloud_enterprise Affected: 3.0.0 , < 3.7.2 (semver)
        cpe:2.3:a:elastic:elastic_cloud_enterprise:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:elastic:elastic_cloud_enterprise:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "elastic_cloud_enterprise",
                "vendor": "elastic",
                "versions": [
                  {
                    "lessThan": "3.7.2",
                    "status": "affected",
                    "version": "3.0.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-37282",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-02T14:14:57.087618Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-02T14:20:09.438Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:50:55.693Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-7-2-security-update-esa-2024-18/362181"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Elastic Cloud Enterprise",
              "vendor": "Elastic",
              "versions": [
                {
                  "lessThan": "3.7.2",
                  "status": "affected",
                  "version": "3.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated privileges.\u003cbr\u003e"
                }
              ],
              "value": "It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated privileges."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-28T04:58:18.200Z",
            "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
            "shortName": "elastic"
          },
          "references": [
            {
              "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-7-2-security-update-esa-2024-18/362181"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "assignerShortName": "elastic",
        "cveId": "CVE-2024-37282",
        "datePublished": "2024-06-28T04:58:18.200Z",
        "dateReserved": "2024-06-05T14:21:14.942Z",
        "dateUpdated": "2024-08-02T03:50:55.693Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-23716 (GCVE-0-2022-23716)

    Vulnerability from nvd – Published: 2022-09-28 19:34 – Updated: 2025-05-21 14:23
    VLAI
    Summary
    A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-532 - Insertion of Sensitive Information into Log File
    Assigner
    References
    Impacted products
    Vendor Product Version
    Elastic Elastic Cloud Enterprise Affected: Versions through 3.1.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:51:46.064Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.elastic.co/community/security/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-1-1-security-update/315317"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-23716",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-21T14:22:36.819713Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-21T14:23:08.842Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Elastic Cloud Enterprise",
              "vendor": "Elastic",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions through 3.1.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532: Insertion of Sensitive Information into Log File",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-28T19:34:00.000Z",
            "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
            "shortName": "elastic"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.elastic.co/community/security/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-1-1-security-update/315317"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@elastic.co",
              "ID": "CVE-2022-23716",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Elastic Cloud Enterprise",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions through 3.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Elastic"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-532: Insertion of Sensitive Information into Log File"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.elastic.co/community/security/",
                  "refsource": "MISC",
                  "url": "https://www.elastic.co/community/security/"
                },
                {
                  "name": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-1-1-security-update/315317",
                  "refsource": "MISC",
                  "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-1-1-security-update/315317"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "assignerShortName": "elastic",
        "cveId": "CVE-2022-23716",
        "datePublished": "2022-09-28T19:34:00.000Z",
        "dateReserved": "2022-01-19T00:00:00.000Z",
        "dateUpdated": "2025-05-21T14:23:08.842Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-23715 (GCVE-0-2022-23715)

    Vulnerability from nvd – Published: 2022-08-25 17:25 – Updated: 2024-08-03 03:51
    VLAI
    Summary
    A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Elastic Elastic Cloud Enterprise Affected: Versions through 3.4.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:51:45.962Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.elastic.co/community/security"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Elastic Cloud Enterprise",
              "vendor": "Elastic",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions through 3.4.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-25T17:25:42.000Z",
            "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
            "shortName": "elastic"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.elastic.co/community/security"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@elastic.co",
              "ID": "CVE-2022-23715",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Elastic Cloud Enterprise",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions through 3.4.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Elastic"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-532"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.elastic.co/community/security",
                  "refsource": "MISC",
                  "url": "https://www.elastic.co/community/security"
                },
                {
                  "name": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825",
                  "refsource": "MISC",
                  "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "assignerShortName": "elastic",
        "cveId": "CVE-2022-23715",
        "datePublished": "2022-08-25T17:25:42.000Z",
        "dateReserved": "2022-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-03T03:51:45.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-3829 (GCVE-0-2018-3829)

    Vulnerability from nvd – Published: 2018-09-19 19:00 – Updated: 2024-08-05 04:57
    VLAI
    Summary
    In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could scale out allocators on new hosts with an invalid roles token. An attacker with access to the previous runner ID and IP address of the coordinator-host could add a allocator to an existing ECE install to gain access to other clusters data.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Elastic Elastic Cloud Enterprise Affected: before 1.1.4
    Create a notification for this product.
    Date Public
    2018-06-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:57:23.572Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.elastic.co/community/security"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Elastic Cloud Enterprise",
              "vendor": "Elastic",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.1.4"
                }
              ]
            }
          ],
          "datePublic": "2018-06-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could scale out allocators on new hosts with an invalid roles token. An attacker with access to the previous runner ID and IP address of the coordinator-host could add a allocator to an existing ECE install to gain access to other clusters data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285: Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-19T18:57:01.000Z",
            "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
            "shortName": "elastic"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.elastic.co/community/security"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@elastic.co",
              "ID": "CVE-2018-3829",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Elastic Cloud Enterprise",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.1.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Elastic"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could scale out allocators on new hosts with an invalid roles token. An attacker with access to the previous runner ID and IP address of the coordinator-host could add a allocator to an existing ECE install to gain access to other clusters data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-285: Improper Authorization"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.elastic.co/community/security",
                  "refsource": "CONFIRM",
                  "url": "https://www.elastic.co/community/security"
                },
                {
                  "name": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778",
                  "refsource": "CONFIRM",
                  "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "assignerShortName": "elastic",
        "cveId": "CVE-2018-3829",
        "datePublished": "2018-09-19T19:00:00.000Z",
        "dateReserved": "2018-01-02T00:00:00.000Z",
        "dateUpdated": "2024-08-05T04:57:23.572Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-3828 (GCVE-0-2018-3828)

    Vulnerability from nvd – Published: 2018-09-19 19:00 – Updated: 2024-08-05 04:57
    VLAI
    Summary
    Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security sensitive headers being leaked to the allocator logs. An attacker with access to the logging cluster may obtain leaked credentials and perform authenticated actions using these credentials.
    Severity
    No CVSS data available.
    CWE
    • CWE-532 - Information Exposure Through Log Files
    Assigner
    References
    Impacted products
    Vendor Product Version
    Elastic Elastic Cloud Enterprise Affected: before 1.1.4
    Create a notification for this product.
    Date Public
    2018-06-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:57:24.513Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.elastic.co/community/security"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Elastic Cloud Enterprise",
              "vendor": "Elastic",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.1.4"
                }
              ]
            }
          ],
          "datePublic": "2018-06-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security sensitive headers being leaked to the allocator logs. An attacker with access to the logging cluster may obtain leaked credentials and perform authenticated actions using these credentials."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532: Information Exposure Through Log Files",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-19T18:57:01.000Z",
            "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
            "shortName": "elastic"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.elastic.co/community/security"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@elastic.co",
              "ID": "CVE-2018-3828",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Elastic Cloud Enterprise",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.1.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Elastic"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security sensitive headers being leaked to the allocator logs. An attacker with access to the logging cluster may obtain leaked credentials and perform authenticated actions using these credentials."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-532: Information Exposure Through Log Files"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.elastic.co/community/security",
                  "refsource": "CONFIRM",
                  "url": "https://www.elastic.co/community/security"
                },
                {
                  "name": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778",
                  "refsource": "CONFIRM",
                  "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "assignerShortName": "elastic",
        "cveId": "CVE-2018-3828",
        "datePublished": "2018-09-19T19:00:00.000Z",
        "dateReserved": "2018-01-02T00:00:00.000Z",
        "dateUpdated": "2024-08-05T04:57:24.513Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-8444 (GCVE-0-2017-8444)

    Vulnerability from nvd – Published: 2017-09-28 19:00 – Updated: 2024-08-05 16:34
    VLAI
    Summary
    The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt traffic to ZooKeeper. If an attacker is able to man in the middle (MITM) the traffic between the client-forwarder and ZooKeeper they could potentially obtain sensitive data.
    Severity
    No CVSS data available.
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    Elastic Elastic Cloud Enterprise Affected: 1.0.0 and 1.0.1
    Create a notification for this product.
    Date Public
    2017-09-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:34:22.949Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-0-2-security-update/100247"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Elastic Cloud Enterprise",
              "vendor": "Elastic",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0 and 1.0.1"
                }
              ]
            }
          ],
          "datePublic": "2017-09-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt traffic to ZooKeeper. If an attacker is able to man in the middle (MITM) the traffic between the client-forwarder and ZooKeeper they could potentially obtain sensitive data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319: Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T18:57:02.000Z",
            "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
            "shortName": "elastic"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-0-2-security-update/100247"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@elastic.co",
              "ID": "CVE-2017-8444",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Elastic Cloud Enterprise",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.0.0 and 1.0.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Elastic"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt traffic to ZooKeeper. If an attacker is able to man in the middle (MITM) the traffic between the client-forwarder and ZooKeeper they could potentially obtain sensitive data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-319: Cleartext Transmission of Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-0-2-security-update/100247",
                  "refsource": "MISC",
                  "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-0-2-security-update/100247"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "assignerShortName": "elastic",
        "cveId": "CVE-2017-8444",
        "datePublished": "2017-09-28T19:00:00.000Z",
        "dateReserved": "2017-05-02T00:00:00.000Z",
        "dateUpdated": "2024-08-05T16:34:22.949Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-37282 (GCVE-0-2024-37282)

    Vulnerability from cvelistv5 – Published: 2024-06-28 04:58 – Updated: 2024-08-02 03:50
    VLAI
    Summary
    It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Elastic Elastic Cloud Enterprise Affected: 3.0.0 , < 3.7.2 (semver)
    Create a notification for this product.
    elastic elastic_cloud_enterprise Affected: 3.0.0 , < 3.7.2 (semver)
        cpe:2.3:a:elastic:elastic_cloud_enterprise:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:elastic:elastic_cloud_enterprise:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "elastic_cloud_enterprise",
                "vendor": "elastic",
                "versions": [
                  {
                    "lessThan": "3.7.2",
                    "status": "affected",
                    "version": "3.0.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-37282",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-02T14:14:57.087618Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-02T14:20:09.438Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:50:55.693Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-7-2-security-update-esa-2024-18/362181"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Elastic Cloud Enterprise",
              "vendor": "Elastic",
              "versions": [
                {
                  "lessThan": "3.7.2",
                  "status": "affected",
                  "version": "3.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated privileges.\u003cbr\u003e"
                }
              ],
              "value": "It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated privileges."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-28T04:58:18.200Z",
            "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
            "shortName": "elastic"
          },
          "references": [
            {
              "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-7-2-security-update-esa-2024-18/362181"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "assignerShortName": "elastic",
        "cveId": "CVE-2024-37282",
        "datePublished": "2024-06-28T04:58:18.200Z",
        "dateReserved": "2024-06-05T14:21:14.942Z",
        "dateUpdated": "2024-08-02T03:50:55.693Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-23716 (GCVE-0-2022-23716)

    Vulnerability from cvelistv5 – Published: 2022-09-28 19:34 – Updated: 2025-05-21 14:23
    VLAI
    Summary
    A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-532 - Insertion of Sensitive Information into Log File
    Assigner
    References
    Impacted products
    Vendor Product Version
    Elastic Elastic Cloud Enterprise Affected: Versions through 3.1.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:51:46.064Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.elastic.co/community/security/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-1-1-security-update/315317"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-23716",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-21T14:22:36.819713Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-21T14:23:08.842Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Elastic Cloud Enterprise",
              "vendor": "Elastic",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions through 3.1.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532: Insertion of Sensitive Information into Log File",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-28T19:34:00.000Z",
            "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
            "shortName": "elastic"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.elastic.co/community/security/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-1-1-security-update/315317"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@elastic.co",
              "ID": "CVE-2022-23716",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Elastic Cloud Enterprise",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions through 3.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Elastic"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-532: Insertion of Sensitive Information into Log File"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.elastic.co/community/security/",
                  "refsource": "MISC",
                  "url": "https://www.elastic.co/community/security/"
                },
                {
                  "name": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-1-1-security-update/315317",
                  "refsource": "MISC",
                  "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-1-1-security-update/315317"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "assignerShortName": "elastic",
        "cveId": "CVE-2022-23716",
        "datePublished": "2022-09-28T19:34:00.000Z",
        "dateReserved": "2022-01-19T00:00:00.000Z",
        "dateUpdated": "2025-05-21T14:23:08.842Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-23715 (GCVE-0-2022-23715)

    Vulnerability from cvelistv5 – Published: 2022-08-25 17:25 – Updated: 2024-08-03 03:51
    VLAI
    Summary
    A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Elastic Elastic Cloud Enterprise Affected: Versions through 3.4.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:51:45.962Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.elastic.co/community/security"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Elastic Cloud Enterprise",
              "vendor": "Elastic",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions through 3.4.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-25T17:25:42.000Z",
            "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
            "shortName": "elastic"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.elastic.co/community/security"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@elastic.co",
              "ID": "CVE-2022-23715",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Elastic Cloud Enterprise",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions through 3.4.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Elastic"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-532"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.elastic.co/community/security",
                  "refsource": "MISC",
                  "url": "https://www.elastic.co/community/security"
                },
                {
                  "name": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825",
                  "refsource": "MISC",
                  "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "assignerShortName": "elastic",
        "cveId": "CVE-2022-23715",
        "datePublished": "2022-08-25T17:25:42.000Z",
        "dateReserved": "2022-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-03T03:51:45.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-3828 (GCVE-0-2018-3828)

    Vulnerability from cvelistv5 – Published: 2018-09-19 19:00 – Updated: 2024-08-05 04:57
    VLAI
    Summary
    Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security sensitive headers being leaked to the allocator logs. An attacker with access to the logging cluster may obtain leaked credentials and perform authenticated actions using these credentials.
    Severity
    No CVSS data available.
    CWE
    • CWE-532 - Information Exposure Through Log Files
    Assigner
    References
    Impacted products
    Vendor Product Version
    Elastic Elastic Cloud Enterprise Affected: before 1.1.4
    Create a notification for this product.
    Date Public
    2018-06-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:57:24.513Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.elastic.co/community/security"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Elastic Cloud Enterprise",
              "vendor": "Elastic",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.1.4"
                }
              ]
            }
          ],
          "datePublic": "2018-06-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security sensitive headers being leaked to the allocator logs. An attacker with access to the logging cluster may obtain leaked credentials and perform authenticated actions using these credentials."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532: Information Exposure Through Log Files",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-19T18:57:01.000Z",
            "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
            "shortName": "elastic"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.elastic.co/community/security"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@elastic.co",
              "ID": "CVE-2018-3828",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Elastic Cloud Enterprise",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.1.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Elastic"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security sensitive headers being leaked to the allocator logs. An attacker with access to the logging cluster may obtain leaked credentials and perform authenticated actions using these credentials."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-532: Information Exposure Through Log Files"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.elastic.co/community/security",
                  "refsource": "CONFIRM",
                  "url": "https://www.elastic.co/community/security"
                },
                {
                  "name": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778",
                  "refsource": "CONFIRM",
                  "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "assignerShortName": "elastic",
        "cveId": "CVE-2018-3828",
        "datePublished": "2018-09-19T19:00:00.000Z",
        "dateReserved": "2018-01-02T00:00:00.000Z",
        "dateUpdated": "2024-08-05T04:57:24.513Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-3829 (GCVE-0-2018-3829)

    Vulnerability from cvelistv5 – Published: 2018-09-19 19:00 – Updated: 2024-08-05 04:57
    VLAI
    Summary
    In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could scale out allocators on new hosts with an invalid roles token. An attacker with access to the previous runner ID and IP address of the coordinator-host could add a allocator to an existing ECE install to gain access to other clusters data.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Elastic Elastic Cloud Enterprise Affected: before 1.1.4
    Create a notification for this product.
    Date Public
    2018-06-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:57:23.572Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.elastic.co/community/security"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Elastic Cloud Enterprise",
              "vendor": "Elastic",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.1.4"
                }
              ]
            }
          ],
          "datePublic": "2018-06-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could scale out allocators on new hosts with an invalid roles token. An attacker with access to the previous runner ID and IP address of the coordinator-host could add a allocator to an existing ECE install to gain access to other clusters data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285: Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-19T18:57:01.000Z",
            "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
            "shortName": "elastic"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.elastic.co/community/security"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@elastic.co",
              "ID": "CVE-2018-3829",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Elastic Cloud Enterprise",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.1.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Elastic"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could scale out allocators on new hosts with an invalid roles token. An attacker with access to the previous runner ID and IP address of the coordinator-host could add a allocator to an existing ECE install to gain access to other clusters data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-285: Improper Authorization"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.elastic.co/community/security",
                  "refsource": "CONFIRM",
                  "url": "https://www.elastic.co/community/security"
                },
                {
                  "name": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778",
                  "refsource": "CONFIRM",
                  "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "assignerShortName": "elastic",
        "cveId": "CVE-2018-3829",
        "datePublished": "2018-09-19T19:00:00.000Z",
        "dateReserved": "2018-01-02T00:00:00.000Z",
        "dateUpdated": "2024-08-05T04:57:23.572Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-8444 (GCVE-0-2017-8444)

    Vulnerability from cvelistv5 – Published: 2017-09-28 19:00 – Updated: 2024-08-05 16:34
    VLAI
    Summary
    The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt traffic to ZooKeeper. If an attacker is able to man in the middle (MITM) the traffic between the client-forwarder and ZooKeeper they could potentially obtain sensitive data.
    Severity
    No CVSS data available.
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    Elastic Elastic Cloud Enterprise Affected: 1.0.0 and 1.0.1
    Create a notification for this product.
    Date Public
    2017-09-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:34:22.949Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-0-2-security-update/100247"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Elastic Cloud Enterprise",
              "vendor": "Elastic",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0 and 1.0.1"
                }
              ]
            }
          ],
          "datePublic": "2017-09-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt traffic to ZooKeeper. If an attacker is able to man in the middle (MITM) the traffic between the client-forwarder and ZooKeeper they could potentially obtain sensitive data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319: Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T18:57:02.000Z",
            "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
            "shortName": "elastic"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-0-2-security-update/100247"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@elastic.co",
              "ID": "CVE-2017-8444",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Elastic Cloud Enterprise",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.0.0 and 1.0.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Elastic"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt traffic to ZooKeeper. If an attacker is able to man in the middle (MITM) the traffic between the client-forwarder and ZooKeeper they could potentially obtain sensitive data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-319: Cleartext Transmission of Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-0-2-security-update/100247",
                  "refsource": "MISC",
                  "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-0-2-security-update/100247"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "assignerShortName": "elastic",
        "cveId": "CVE-2017-8444",
        "datePublished": "2017-09-28T19:00:00.000Z",
        "dateReserved": "2017-05-02T00:00:00.000Z",
        "dateUpdated": "2024-08-05T16:34:22.949Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }