Lucene search
Veracode Vulnerability DatabaseVERACODE:7530HistorySep 26, 2018 - 6:29 a.m.
Information Disclosure
2018-09-2606:29:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
359
0.001 Low
EPSS
Percentile
34.0%
elasticsearch is vulnerable to information disclosure. The library does not properly filter the settings API, allowing a malicious user can pass a query to the _cluster/settings API to gain access to sensitive configuration information like passwords, tokens or usernames.
Related
cvelist
cvelist
CVE-2018-3831
2018-09-19 19:00:00
osv
osv
CVE-2018-3831
2018-09-19 19:29:01
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
2022-05-13 01:27:27
prion
prion
Information disclosure
2018-09-19 19:29:00
github
github
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
2022-05-13 01:27:27
nvd
nvd
CVE-2018-3831
2018-09-19 19:29:01
nessus
nessus
Elasticsearch ESA-2018-15
2018-09-24 00:00:00
Photon OS 1.0: Elasticsearch PHSA-2019-1.0-0205
2019-03-18 00:00:00
redhatcve
redhatcve
CVE-2018-3831
2018-09-24 20:50:41
cve
cve
CVE-2018-3831
2018-09-19 19:29:01
ubuntucve
ubuntucve
CVE-2018-3831
2018-09-19 00:00:00
openvas
openvas
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-2.0-0116
2018-12-26 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-1.0-0205
2019-02-04 00:00:00
Critical Photon OS Security Update - PHSA-2019-0205
2019-02-04 00:00:00
redhat
redhat
(RHSA-2020:3192) Important: Red Hat Fuse 7.7.0 release and security update
2020-07-28 15:50:16