Elastic Elastic Cloud Enterprise

6 CVEs affecting Elastic Elastic Cloud Enterprise. Latest disclosed: 2024-06-28. Critical: 0, High: 2.

Top CVEs affecting Elastic Elastic Cloud Enterprise
CVESeverityScorePublishedSummary
CVE-2024-37282High8.12024-06-28It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to cr…
CVE-2018-3828High7.52018-09-19Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would…
CVE-2022-23715Medium6.52022-08-25A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings…
CVE-2017-8444Medium5.92017-09-29The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt traffic to ZooKeeper. If an attacker is able to man in the mid…
CVE-2022-23716Medium5.32022-09-28A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in t…
CVE-2018-3829Medium5.32018-09-19In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could scale out allocators on new hosts with an invalid roles token. An…