0.001 Low
EPSS
Percentile
28.4%
elasticsearch is vulnerable to information disclosures. A malicious user can query the _snapshot API to receive the access_key and security_key parameters in plaintext.
_snapshot
access_key
security_key
discuss.elastic.co/t/elastic-stack-6-3-0-and-5-6-10-security-update/135777
www.elastic.co/community/security