Lucene search
PRIOn knowledge basePRION:CVE-2018-3826HistorySep 19, 2018 - 7:29 p.m.
Design/Logic Flaw
2018-09-1919:29:00
PRIOn knowledge base
www.prio-n.com
6
In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API. When the access_key and security_key parameters are set using the _snapshot API they can be exposed as plain text by users able to query the _snapshot API.
| CPE | Name | Operator | Version |
|---|---|---|---|
| elasticsearch | eq | 6.0.0 beta1 | |
| elasticsearch | ge | 6.0.0 | |
| elasticsearch | le | 6.2.4 |
Related
osv
osv
CVE-2018-3826
2018-09-19 19:29:00
veracode
veracode
Information Disclosure
2018-09-20 06:50:52
nessus
nessus
Elasticsearch ESA-2018-10
2018-08-22 00:00:00
cve
cve
CVE-2018-3826
2018-09-19 19:29:00
openvas
openvas
Elasticsearch '_snapshot API' Information Disclosure Vulnerability - Linux
2018-10-09 00:00:00
Elasticsearch '_snapshot API' Information Disclosure Vulnerability - Windows
2018-10-09 00:00:00
nvd
nvd
CVE-2018-3826
2018-09-19 19:29:00
cvelist
cvelist
CVE-2018-3826
2018-09-19 19:00:00
ubuntucve
ubuntucve
CVE-2018-3826
2018-09-19 00:00:00