Elastic Search Elastic Cloud Enterprise 2.2.3

CPE Details

Elastic Search Elastic Cloud Enterprise 2.2.3
elastic
elastic_cloud_enterprise
2.2.3
2019-09-26
13h40 +00:00
2019-09-26
13h40 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:elastic:elastic_cloud_enterprise:2.2.3:*:*:*:*:*:*:*

Informations

Vendor

elastic

Product

elastic_cloud_enterprise

Version

2.2.3

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-31418 2023-10-26 17h36 +00:00 An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild.
7.5
Haute
CVE-2022-23716 2022-09-28 17h34 +00:00 A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.
5.3
Moyen
CVE-2022-23715 2022-08-25 15h25 +00:00 A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore
6.5
Moyen