Lucene search
PRIOn knowledge basePRION:CVE-2018-3831HistorySep 19, 2018 - 7:29 p.m.
Information disclosure
2018-09-1919:29:00
PRIOn knowledge base
www.prio-n.com
4
Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details.
| CPE | Name | Operator | Version |
|---|---|---|---|
| elasticsearch | ge | 5.6.0 | |
| elasticsearch | lt | 5.6.12 | |
| elasticsearch | ge | 6.0.0 | |
| elasticsearch | lt | 6.4.1 |
Related
cvelist
cvelist
CVE-2018-3831
2018-09-19 19:00:00
osv
osv
CVE-2018-3831
2018-09-19 19:29:01
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
2022-05-13 01:27:27
github
github
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
2022-05-13 01:27:27
nessus
nessus
Elasticsearch ESA-2018-15
2018-09-24 00:00:00
Photon OS 1.0: Elasticsearch PHSA-2019-1.0-0205
2019-03-18 00:00:00
nvd
nvd
CVE-2018-3831
2018-09-19 19:29:01
redhatcve
redhatcve
CVE-2018-3831
2018-09-24 20:50:41
veracode
veracode
Information Disclosure
2018-09-26 06:29:44
cve
cve
CVE-2018-3831
2018-09-19 19:29:01
openvas
openvas
ubuntucve
ubuntucve
CVE-2018-3831
2018-09-19 00:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-2.0-0116
2018-12-26 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-1.0-0205
2019-02-04 00:00:00
Critical Photon OS Security Update - PHSA-2019-0205
2019-02-04 00:00:00
redhat
redhat
(RHSA-2020:3192) Important: Red Hat Fuse 7.7.0 release and security update
2020-07-28 15:50:16