Elastic Search Elastic Cloud Enterprise 2.0.0

CPE Details

Elastic Search Elastic Cloud Enterprise 2.0.0
elastic
elastic_cloud_enterprise
2.0.0
2019-09-26
13h40 +00:00
2019-09-26
13h40 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:elastic:elastic_cloud_enterprise:2.0.0:*:*:*:*:*:*:*

Informations

Vendor

elastic

Product

elastic_cloud_enterprise

Version

2.0.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-31418 2023-10-26
17h36 +00:00		 An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild.
7.5
High
CVE-2022-23716 2022-09-28
17h34 +00:00		 A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.
5.3
Medium
CVE-2022-23715 2022-08-25
15h25 +00:00		 A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore
6.5
Medium