Elastic Elastic Cloud Enterprise (Ece)

3 CVEs affecting Elastic Elastic Cloud Enterprise (Ece). Latest disclosed: 2025-11-07. Critical: 1, High: 1.

Top CVEs affecting Elastic Elastic Cloud Enterprise (Ece)
CVESeverityScorePublishedSummary
CVE-2025-37729Critical9.12025-10-13Improper neutralization of special elements used in a template engine in Elastic Cloud Enterprise (ECE) can lead to a malicious actor with Admin access exfiltr…
CVE-2025-37736High8.82025-11-07Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the built-in readonly user can call APIs that should not be allowed…
CVE-2018-3825Medium5.92018-09-19In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default master encryption key is used in the process of granting ZooKeeper access to Elasticsearch…