Lucene search
GoogleOSV:GHSA-CQGV-256R-M9R8HistoryMay 24, 2022 - 5:41 p.m.
Insertion of Sensitive Information into Log File in Elasticsearch
2022-05-2417:41:42
Google
osv.dev
8
0.001 Low
EPSS
Percentile
28.4%
Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details.
Related
redhatcve
redhatcve
CVE-2020-7021
2021-02-10 21:41:36
nessus
nessus
Photon OS 2.0: Elasticsearch PHSA-2021-2.0-0337
2021-04-20 00:00:00
Photon OS 3.0: Elasticsearch PHSA-2021-3.0-0219
2021-04-20 00:00:00
osv
osv
CVE-2020-7021
2021-02-10 19:15:11
BIT-elasticsearch-2020-7021
2024-03-06 10:54:14
openvas
openvas
Elastic Elasticsearch Information Disclosure Vulnerability (ESA-2021-03)
2021-02-15 00:00:00
ibm
ibm
github
github
Insertion of Sensitive Information into Log File in Elasticsearch
2022-05-24 17:41:42
prion
prion
Information disclosure
2021-02-10 19:15:00
cbl_mariner
cbl_mariner
CVE-2020-7021 affecting package rubygem-elasticsearch 7.6.0-1
2022-05-26 19:04:38
photon
photon
Moderate Photon OS Security Update - PHSA-2021-0219
2021-04-14 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-2.0-0337
2021-04-17 00:00:00
Moderate Photon OS Security Update - PHSA-2021-3.0-0219
2021-04-14 00:00:00
ubuntucve
ubuntucve
CVE-2020-7021
2021-02-10 00:00:00
cve
cve
CVE-2020-7021
2021-02-10 19:15:11
veracode
veracode
Information Disclosure
2021-02-15 04:34:05
nvd
nvd
CVE-2020-7021
2021-02-10 19:15:11
cvelist
cvelist
CVE-2020-7021
2021-02-10 18:55:15