Elastic Elastic Cloud Enterprise
6 CVEs affecting Elastic Elastic Cloud Enterprise. Latest disclosed: 2024-06-28. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-37282 | High | 8.1 | 2024-06-28 | It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to cr… |
CVE-2018-3828 | High | 7.5 | 2018-09-19 | Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would… |
CVE-2022-23715 | Medium | 6.5 | 2022-08-25 | A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings… |
CVE-2017-8444 | Medium | 5.9 | 2017-09-29 | The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt traffic to ZooKeeper. If an attacker is able to man in the mid… |
CVE-2022-23716 | Medium | 5.3 | 2022-09-28 | A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in t… |
CVE-2018-3829 | Medium | 5.3 | 2018-09-19 | In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could scale out allocators on new hosts with an invalid roles token. An… |