Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-HXP8-R9G3-GRFR
HistoryMay 24, 2022 - 5:00 p.m.

Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch

2022-05-2417:00:08
Google
osv.dev
10

0.002 Low

EPSS

Percentile

52.1%

JSON

Elasticsearch versions 7.0.0-7.3.2 and 6.7.0-6.8.3 contain a username disclosure flaw was found in the API Key service. An unauthenticated attacker could send a specially crafted request and determine if a username exists in the Elasticsearch native realm.

Related

cve 1
openvas 1
osv 1
ubuntucve 1
cvelist 1
prion 1
veracode 1
nvd 1
symantec 1
github 1
redhatcve 1
ibm 2
cve
cve
CVE-2019-7619
2019-10-30 14:15:11
openvas
openvas
Elastic Elasticsearch Username Disclosure Vulnerability (ESA-2019-13)
2021-01-25 00:00:00
osv
osv
CVE-2019-7619
2019-10-30 14:15:11
ubuntucve
ubuntucve
CVE-2019-7619
2019-10-30 00:00:00
cvelist
cvelist
CVE-2019-7619
2019-10-30 13:37:42
prion
prion
Design/Logic Flaw
2019-10-30 14:15:00
veracode
veracode
Information Disclosure
2019-10-24 04:37:41
nvd
nvd
CVE-2019-7619
2019-10-30 14:15:11
symantec
symantec
Elasticsearch CVE-2019-7619 Information Disclosure Vulnerability
2019-10-24 00:00:00
github
github
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
2022-05-24 17:00:08
redhatcve
redhatcve
CVE-2019-7619
2020-03-18 05:12:08
ibm
ibm
Security Bulletin: Multiple vulnerabilities affect IBM Observability with Instana
2022-01-11 20:10:06
Security Bulletin: Multiple vulnerabilities in middleware software affect IBM Cloud Pak for Automation
2020-12-18 15:33:49

0.002 Low

EPSS

Percentile

52.1%

JSON
Related for OSV:GHSA-HXP8-R9G3-GRFR
cve1openvas1osv1ubuntucve1cvelist1prion1veracode1nvd1symantec1github1redhatcve1ibm2