Refine your search
26 vulnerabilities found for Elasticsearch by Elastic
CERTFR-2025-AVI-0849
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions 9.1.x antérieures à 9.1.5 | ||
| Elastic | Kibana | Kibana - Crowdstrike Connector versions 8.19.x antérieures à 8.19.5 | ||
| Elastic | Elasticsearch | Elasticsearch versions 9.0.x antérieures à 9.0.8 | ||
| Elastic | Kibana | Kibana - Crowdstrike Connector versions 9.0.x antérieures à 9.0.8 | ||
| Elastic | Kibana | Kibana versions 9.0.x antérieures à 9.0.8 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.19.x antérieures à 8.19.5 | ||
| Elastic | Kibana | Kibana versions 8.19.x antérieures à 8.19.5 | ||
| Elastic | Kibana | Kibana versions 9.1.x antérieures à 9.1.5 | ||
| Elastic | Kibana | Kibana - Crowdstrike Connector versions 9.1.x antérieures à 9.1.5 | ||
| Elastic | Elasticsearch | Elasticsearch versions antérieures à 8.18.8 | ||
| Elastic | Kibana | Kibana - Crowdstrike Connector versions antérieures à 8.18.8 | ||
| Elastic | Kibana | Kibana versions antérieures à 8.18.8 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions 9.1.x ant\u00e9rieures \u00e0 9.1.5",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana - Crowdstrike Connector versions 8.19.x ant\u00e9rieures \u00e0 8.19.5",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 9.0.x ant\u00e9rieures \u00e0 9.0.8",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana - Crowdstrike Connector versions 9.0.x ant\u00e9rieures \u00e0 9.0.8",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.0.x ant\u00e9rieures \u00e0 9.0.8",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.19.x ant\u00e9rieures \u00e0 8.19.5",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.19.x ant\u00e9rieures \u00e0 8.19.5",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.1.x ant\u00e9rieures \u00e0 9.1.5",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana - Crowdstrike Connector versions 9.1.x ant\u00e9rieures \u00e0 9.1.5",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions ant\u00e9rieures \u00e0 8.18.8",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana - Crowdstrike Connector versions ant\u00e9rieures \u00e0 8.18.8",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions ant\u00e9rieures \u00e0 8.18.8",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-37728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37728"
},
{
"name": "CVE-2025-25017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25017"
},
{
"name": "CVE-2025-37727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37727"
},
{
"name": "CVE-2025-25009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25009"
},
{
"name": "CVE-2025-25018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25018"
}
],
"initial_release_date": "2025-10-07T00:00:00",
"last_revision_date": "2025-10-07T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0849",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-10-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-16",
"url": "https://discuss.elastic.co/t/kibana-8-18-8-8-19-4-9-0-7-9-1-4-security-update-esa-2025-16/382450"
},
{
"published_at": "2025-10-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-20",
"url": "https://discuss.elastic.co/t/kibana-8-18-8-8-19-5-9-0-8-and-9-1-5-security-update-esa-2025-20/382449"
},
{
"published_at": "2025-10-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-19",
"url": "https://discuss.elastic.co/t/kibana-crowdstrike-connector-8-18-8-8-19-5-9-0-8-and-9-1-5-security-update-esa-2025-19/382455"
},
{
"published_at": "2025-10-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-18",
"url": "https://discuss.elastic.co/t/elasticsearch-8-18-8-8-19-5-9-0-8-9-1-5-security-update-esa-2025-18/382453"
},
{
"published_at": "2025-10-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-17",
"url": "https://discuss.elastic.co/t/kibana-8-18-8-8-19-5-9-0-8-9-1-5-security-update-esa-2025-17/382451"
}
]
}
CERTFR-2025-AVI-0738
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions 9.0.x antérieures à 9.0.6 | ||
| Elastic | Enterprise Search | Enterprise Search versions 8.x antérieures à 8.18.6 | ||
| Elastic | Enterprise Search | Enterprise Search versions 8.19.x antérieures à 8.19.3 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.18.x antérieures à 8.18.6 | ||
| Elastic | Elasticsearch | Elasticsearch versions 9.1.x antérieures à 9.1.3 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.19.x antérieures à 8.19.3 | ||
| Elastic | Kibana | Kibana versions 9.1.x antérieures à 9.1.3 | ||
| Elastic | Kibana | Kibana versions 9.0.x antérieures à 9.0.6 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions 9.0.x ant\u00e9rieures \u00e0 9.0.6",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Enterprise Search versions 8.x ant\u00e9rieures \u00e0 8.18.6",
"product": {
"name": "Enterprise Search",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Enterprise Search versions 8.19.x ant\u00e9rieures \u00e0 8.19.3",
"product": {
"name": "Enterprise Search",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.18.x ant\u00e9rieures \u00e0 8.18.6",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 9.1.x ant\u00e9rieures \u00e0 9.1.3",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.19.x ant\u00e9rieures \u00e0 8.19.3",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.1.x ant\u00e9rieures \u00e0 9.1.3",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.0.x ant\u00e9rieures \u00e0 9.0.6",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2025-25010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25010"
}
],
"initial_release_date": "2025-08-29T00:00:00",
"last_revision_date": "2025-08-29T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0738",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-29T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-15",
"url": "https://discuss.elastic.co/t/enterprise-search-8-18-6-8-19-3-security-update-esa-2025-15-cve-2025-54988/381428"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-14",
"url": "https://discuss.elastic.co/t/elasticsearch-8-18-6-8-19-3-9-0-6-and-9-1-3-security-update-esa-2025-14-cve-2025-54988/381427"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-13",
"url": "https://discuss.elastic.co/t/kibana-9-0-6-9-1-3-security-update-esa-2025-13/381426"
}
]
}
CERTFR-2025-AVI-0359
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions antérieures à 7.17.25 | ||
| Elastic | Kibana | Kibana versions 7.17.x postérieures à 7.14.6 et antérieures à 7.17.24 | ||
| Elastic | APM Server | APM Server versions 8.x antérieures à 8.16.1 | ||
| Elastic | Elasticsearch | Elasticsearch versions antérieures à 8.16.0 | ||
| Elastic | Logstash | Logstash versions 8.15.x antérieures à 8.15.3 | ||
| Elastic | Elastic Agent | Elastic Agent versions antérieures à 8.15.4 | ||
| Elastic | Elastic Agent | Elastic Agent versions antérieures à 7.17.25 | ||
| Elastic | Kibana | Kibana versions 8.x antérieures à 8.13.0 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions ant\u00e9rieures \u00e0 7.17.25",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 7.17.x post\u00e9rieures \u00e0 7.14.6 et ant\u00e9rieures \u00e0 7.17.24",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "APM Server versions 8.x ant\u00e9rieures \u00e0 8.16.1",
"product": {
"name": "APM Server",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions ant\u00e9rieures \u00e0 8.16.0",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Logstash versions 8.15.x ant\u00e9rieures \u00e0 8.15.3",
"product": {
"name": "Logstash",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Agent versions ant\u00e9rieures \u00e0 8.15.4",
"product": {
"name": "Elastic Agent",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Agent versions ant\u00e9rieures \u00e0 7.17.25",
"product": {
"name": "Elastic Agent",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.x ant\u00e9rieures \u00e0 8.13.0",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
},
{
"name": "CVE-2023-46669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46669"
},
{
"name": "CVE-2024-52979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52979"
},
{
"name": "CVE-2024-11994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11994"
},
{
"name": "CVE-2024-11390",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11390"
},
{
"name": "CVE-2025-25016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25016"
},
{
"name": "CVE-2024-52976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52976"
}
],
"initial_release_date": "2025-05-02T00:00:00",
"last_revision_date": "2025-05-02T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0359",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-47",
"url": "https://discuss.elastic.co/t/kibana-7-17-19-and-8-13-0-security-update-esa-2024-47/377711"
},
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-39",
"url": "https://discuss.elastic.co/t/elastic-agent-7-17-25-and-8-15-4-security-update-esa-2024-39/377708"
},
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-03",
"url": "https://discuss.elastic.co/t/elastic-agent-elastic-endpoint-security-security-update-esa-2025-03/377706"
},
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-20",
"url": "https://discuss.elastic.co/t/kibana-7-17-24-and-8-12-0-security-update-esa-2024-20/377712"
},
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-38",
"url": "https://discuss.elastic.co/t/logstash-8-15-3-security-update-esa-2024-38/377707"
},
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-40",
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-25-and-8-16-0-security-update-esa-2024-40/377709"
},
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-41",
"url": "https://discuss.elastic.co/t/apm-server-8-16-1-security-update-esa-2024-41/377710"
}
]
}
CERTFR-2025-AVI-0298
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Kibana | Kibana versions 8.17.x antérieures à 8.17.2 | ||
| Elastic | Logstash | Logstash versions antérieures à 8.15.3 | ||
| Elastic | Elastic Defend | Elastic Defend versions antérieures à 8.17.3 | ||
| Elastic | Kibana | Kibana versions 8.16.x antérieures à 8.16.4 | ||
| Elastic | Kibana | Kibana versions 7.17.x antérieures à 7.17.23 | ||
| Elastic | Kibana | Kibana versions 8.15.x antérieures à 8.15.1 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.15.x antérieures à 8.15.1 | ||
| Elastic | Elasticsearch | Elasticsearch versions 7.17.x antérieures à 7.17.24 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Kibana versions 8.17.x ant\u00e9rieures \u00e0 8.17.2",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Logstash versions ant\u00e9rieures \u00e0 8.15.3",
"product": {
"name": "Logstash",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Defend versions ant\u00e9rieures \u00e0 8.17.3",
"product": {
"name": "Elastic Defend",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.16.x ant\u00e9rieures \u00e0 8.16.4",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 7.17.x ant\u00e9rieures \u00e0 7.17.23",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.15.x ant\u00e9rieures \u00e0 8.15.1",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.15.x ant\u00e9rieures \u00e0 8.15.1",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 7.17.x ant\u00e9rieures \u00e0 7.17.24",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-12556",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12556"
},
{
"name": "CVE-2024-43380",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43380"
},
{
"name": "CVE-2024-52980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52980"
},
{
"name": "CVE-2025-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25013"
},
{
"name": "CVE-2024-52974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52974"
},
{
"name": "CVE-2024-52981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52981"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
}
],
"initial_release_date": "2025-04-09T00:00:00",
"last_revision_date": "2025-04-09T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0298",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-37",
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-24-and-8-15-1-security-update-esa-2024-37/376924"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-02",
"url": "https://discuss.elastic.co/t/kibana-8-16-4-and-8-17-2-security-update-esa-2025-02/376918"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-35",
"url": "https://discuss.elastic.co/t/logstash-8-15-1-security-update-esa-2024-35/376920"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-34",
"url": "https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-05",
"url": "https://discuss.elastic.co/t/elastic-defend-8-17-3-security-update-esa-2025-05/376921"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-48",
"url": "https://discuss.elastic.co/t/logstash-8-15-3-8-16-0-security-update-esa-2024-48/376922"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-36",
"url": "https://discuss.elastic.co/t/kibana-7-17-23-and-8-15-1-security-update-esa-2024-36/376923"
}
]
}
CERTFR-2025-AVI-0050
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Elles permettent à un attaquant de provoquer un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elastic Defend | Elastic Defend versions 8.13.x antérieures à 8.13.3 | ||
| Elastic | Elasticsearch | Elasticsearch versions 7.17.x antérieures à 7.17.21 | ||
| Elastic | Kibana | Kibana versions 7.17.x antérieures à 7.17.23 | ||
| Elastic | Kibana | Kibana versions 8.14.x antérieures à 8.14.2 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.13.x antérieures à 8.13.3 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elastic Defend versions 8.13.x ant\u00e9rieures \u00e0 8.13.3",
"product": {
"name": "Elastic Defend",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 7.17.x ant\u00e9rieures \u00e0 7.17.21",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 7.17.x ant\u00e9rieures \u00e0 7.17.23",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.14.x ant\u00e9rieures \u00e0 8.14.2",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.13.x ant\u00e9rieures \u00e0 8.13.3",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-43709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43709"
},
{
"name": "CVE-2024-37284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37284"
},
{
"name": "CVE-2024-52973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52973"
}
],
"initial_release_date": "2025-01-21T00:00:00",
"last_revision_date": "2025-01-21T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0050",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-01-21",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-26",
"url": "https://discuss.elastic.co/t/kibana-7-17-23-and-8-14-2-security-update-esa-2024-26/373443"
},
{
"published_at": "2025-01-21",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-24",
"url": "https://discuss.elastic.co/t/elastic-defend-8-13-3-security-update-esa-2024-24/373441"
},
{
"published_at": "2025-01-21",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-25",
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-21-and-8-13-3-security-update-esa-2024-25/373442"
}
]
}
CERTFR-2024-AVI-1094
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans les produits Elastic. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions 8.16.x antérieures à 8.16.2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions 8.16.x ant\u00e9rieures \u00e0 8.16.2",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-12539",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12539"
}
],
"initial_release_date": "2024-12-18T00:00:00",
"last_revision_date": "2024-12-18T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1094",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-12-18T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Elastic. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-46",
"url": "https://discuss.elastic.co/t/elasticsearch-8-16-2-8-17-0-security-update/372091"
}
]
}
CERTFR-2024-AVI-0640
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans Elastic Elasticsearch. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elastic Elasticsearch versions 8.x antérieures à 8.13.0 | ||
| Elastic | Elasticsearch | Elastic Elasticsearch versions 7.x antérieures à 7.17.23 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elastic Elasticsearch versions 8.x ant\u00e9rieures \u00e0 8.13.0",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Elasticsearch versions 7.x ant\u00e9rieures \u00e0 7.17.23",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-23444",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23444"
}
],
"initial_release_date": "2024-08-01T00:00:00",
"last_revision_date": "2024-08-01T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0640",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-08-01T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Elastic Elasticsearch. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Vuln\u00e9rabilit\u00e9 dans Elastic Elasticsearch",
"vendor_advisories": [
{
"published_at": "2024-07-31",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic 364157",
"url": "https://discuss.elastic.co/t/elasticsearch-8-13-0-7-17-23-security-update-esa-2024-12/364157"
}
]
}
CERTFR-2024-AVI-0469
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans les produits Elastic. Elle permet à un attaquant de provoquer un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions 8.13.x antérieures à 8.14.0 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions 8.13.x ant\u00e9rieures \u00e0 8.14.0",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-37280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37280"
}
],
"initial_release_date": "2024-06-07T00:00:00",
"last_revision_date": "2024-06-07T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0469",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-06-07T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Elastic. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance.",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2024-06-07",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic 361007",
"url": "https://discuss.elastic.co/t/elasticsearch-8-14-0-security-update-esa-2024-14/361007"
}
]
}
CERTFR-2024-AVI-0466
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elastic Cloud Enterprise | Elastic Cloud Enterprise versions antérieures à 3.7.1 | ||
| Elastic | Kibana | Kibana versions 8.x.x postérieures à 8.6.3 et antérieures à 8.14.0 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.x.x postérieures à 8.10.0 et antérieures à 8.14.0 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elastic Cloud Enterprise versions ant\u00e9rieures \u00e0 3.7.1",
"product": {
"name": "Elastic Cloud Enterprise",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.x.x post\u00e9rieures \u00e0 8.6.3 et ant\u00e9rieures \u00e0 8.14.0",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.x.x post\u00e9rieures \u00e0 8.10.0 et ant\u00e9rieures \u00e0 8.14.0",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2024-37279",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37279"
},
{
"name": "CVE-2024-23445",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23445"
}
],
"initial_release_date": "2024-06-06T00:00:00",
"last_revision_date": "2024-06-06T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0466",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-06-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2024-06-05",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-15",
"url": "https://discuss.elastic.co/t/kibana-8-14-0-security-update-esa-2024-15/360887"
},
{
"published_at": "2024-06-05",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-08",
"url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-7-0-security-update-esa-2024-08/360888"
},
{
"published_at": "2024-06-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-13",
"url": "https://discuss.elastic.co/t/elasticsearch-8-14-0-security-update-esa-2024-13/360898"
}
]
}
CERTFR-2024-AVI-0257
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Elasticsearch. Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions 8.x antérieures à 8.13.0 | ||
| Elastic | Elasticsearch | Elasticsearch versions 7.x antérieures à 7.17.19 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions 8.x ant\u00e9rieures \u00e0 8.13.0",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 7.x ant\u00e9rieures \u00e0 7.17.19",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-23449",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23449"
},
{
"name": "CVE-2024-23451",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23451"
},
{
"name": "CVE-2024-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23450"
}
],
"initial_release_date": "2024-03-28T00:00:00",
"last_revision_date": "2024-03-29T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0257",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-03-28T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 Elasticsearch security-update-esa-2024-05 du 29 mars 2024.",
"revision_date": "2024-03-29T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Elasticsearch.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Elasticsearch",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Elasticsearch security-update-esa-2024-05 du 29 mars 2024",
"url": "https://discuss.elastic.co/t/elasticsearch-8-11-1-security-update-esa-2024-05/356458"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Elasticsearch security-update-esa-2024-07 du 27 mars 2024",
"url": "https://discuss.elastic.co/t/elasticsearch-8-13-0-security-update-esa-2024-07/356315"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Elasticsearch security-update-esa-2024-06 du 27 mars 2024",
"url": "https://discuss.elastic.co/t/elasticsearch-8-13-0-7-17-19-security-update-esa-2024-06/356314"
}
]
}
CERTFR-2023-AVI-1017
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits ElasticSearch. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | ElasticSearch versions 8.x.x antérieures à 8.11.2 | ||
| Elastic | Elasticsearch | Elastic Agent versions 7.x.x antérieures à 7.17.16 | ||
| Elastic | Elasticsearch | Beats versions 7.x.x antérieures à 7.17.16 | ||
| Elastic | Elasticsearch | Enterprise Search versions 7.x.x antérieures à 7.17.16 | ||
| Elastic | Elasticsearch | Elastic Agent versions 8.x.x antérieures à 8.11.3 | ||
| Elastic | Elasticsearch | Beats versions 8.x.x antérieures à 8.11.3 | ||
| Elastic | Elasticsearch | ElasticSearch versions 7.x.x antérieures à 7.17.16 | ||
| Elastic | Elasticsearch | Kibana versions 8.x.x antérieures à 8.11.2 | ||
| Elastic | Elasticsearch | Kibana versions 7.x.x antérieures à 7.17.16 | ||
| Elastic | Elasticsearch | Enterprise Search versions 8.x.x antérieures à 8.11.2 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "ElasticSearch versions 8.x.x ant\u00e9rieures \u00e0 8.11.2",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Agent versions 7.x.x ant\u00e9rieures \u00e0 7.17.16",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Beats versions 7.x.x ant\u00e9rieures \u00e0 7.17.16",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Enterprise Search versions 7.x.x ant\u00e9rieures \u00e0 7.17.16",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Agent versions 8.x.x ant\u00e9rieures \u00e0 8.11.3",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Beats versions 8.x.x ant\u00e9rieures \u00e0 8.11.3",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "ElasticSearch versions 7.x.x ant\u00e9rieures \u00e0 7.17.16",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.x.x ant\u00e9rieures \u00e0 8.11.2",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 7.x.x ant\u00e9rieures \u00e0 7.17.16",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Enterprise Search versions 8.x.x ant\u00e9rieures \u00e0 8.11.2",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-49923",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49923"
},
{
"name": "CVE-2023-6687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6687"
},
{
"name": "CVE-2023-46675",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46675"
},
{
"name": "CVE-2023-49922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49922"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2023-49921",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49921"
}
],
"initial_release_date": "2023-12-13T00:00:00",
"last_revision_date": "2023-12-13T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-1017",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-12-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits ElasticSearch\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits ElasticSearch",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch 349180 du 12 d\u00e9cembre 2023",
"url": "https://discuss.elastic.co/t/beats-and-elastic-agent-8-11-3-7-17-16-security-update-esa-2023-30/349180"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch 349182 du 12 d\u00e9cembre 2023",
"url": "https://discuss.elastic.co/t/kibana-8-11-2-7-17-16-security-update-esa-2023-27/349182"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch 349181 du 12 d\u00e9cembre 2023",
"url": "https://discuss.elastic.co/t/enterprise-search-8-11-2-7-17-16-security-update-esa-2023-31/349181"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch 349179 du 12 d\u00e9cembre 2023",
"url": "https://discuss.elastic.co/t/elasticsearch-8-11-2-7-17-16-security-update-esa-2023-29/349179"
}
]
}
CERTFR-2023-AVI-0999
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans ElasticSearch pour Hadoop. Elle permet à un attaquant de provoquer une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch-hadoop versions antérieures 8.x à 8.9.0 | ||
| Elastic | Elasticsearch | Elasticsearch-hadoop versions antérieures à 7.17.11 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch-hadoop versions ant\u00e9rieures 8.x \u00e0 8.9.0",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch-hadoop versions ant\u00e9rieures \u00e0 7.17.11",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-46674",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46674"
}
],
"initial_release_date": "2023-12-06T00:00:00",
"last_revision_date": "2023-12-06T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0999",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-12-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans ElasticSearch pour Hadoop. Elle\npermet \u00e0 un attaquant de provoquer une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des\ndonn\u00e9es.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans ElasticSearch pour Hadoop",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch esa-2023-28 du 05 d\u00e9cembre 2023",
"url": "https://discuss.elastic.co/t/elasticsearch-hadoop-7-17-11-8-9-0-security-update-esa-2023-28/348663"
}
]
}
CERTFR-2023-AVI-0971
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans ElasticSearch. Elle permet à un attaquant de provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions 7.x antérieures à 7.17.14 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.x antérieures à 8.10.3 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions 7.x ant\u00e9rieures \u00e0 7.17.14",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.x ant\u00e9rieures \u00e0 8.10.3",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-46673",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46673"
}
],
"initial_release_date": "2023-11-22T00:00:00",
"last_revision_date": "2023-11-22T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0971",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-11-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans \u003cspan\nclass=\"textit\"\u003eElasticSearch\u003c/span\u003e. Elle permet \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans ElasticSearch",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch ESA-2023-24 du 22 novembre 2023",
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-14-8-10-3-security-update-esa-2023-24/347708"
}
]
}
CERTFR-2023-AVI-0820
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits ElasticSearch. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | ElasticSearch Fleet Server versions 8.10.x antérieures à 8.10.3 | ||
| Elastic | Elasticsearch | ElasticSearch Kibana versions 8.x.x antérieures à 8.10.3 | ||
| Elastic | Elasticsearch | Elastic Sharepoint Online Python Connector versions antérieures à 8.10.3.0 | ||
| Elastic | Elasticsearch | ElasticSearch Kibana versions 7.x.x antérieures à 7.17.14 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "ElasticSearch Fleet Server versions 8.10.x ant\u00e9rieures \u00e0 8.10.3",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "ElasticSearch Kibana versions 8.x.x ant\u00e9rieures \u00e0 8.10.3",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Sharepoint Online Python Connector versions ant\u00e9rieures \u00e0 8.10.3.0",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "ElasticSearch Kibana versions 7.x.x ant\u00e9rieures \u00e0 7.17.14",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-5129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5129"
},
{
"name": "CVE-2023-5217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5217"
},
{
"name": "CVE-2023-4863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4863"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
}
],
"initial_release_date": "2023-10-11T00:00:00",
"last_revision_date": "2023-10-11T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch\u00a0344737 du 10 octobre 2023",
"url": "https://discuss.elastic.co/t/fleet-server-v8-10-3-security-update/344737"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch\u00a0344735 du 10 octobre 2023",
"url": "https://discuss.elastic.co/t/kibana-8-10-3-7-17-14-security-update/344735"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch\u00a0344732 du 10 octobre 2023",
"url": "https://discuss.elastic.co/t/elastic-sharepoint-online-python-connector-v8-10-3-0-security-update/344732"
}
],
"reference": "CERTFR-2023-AVI-0820",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-10-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits ElasticSearch\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9, une\nex\u00e9cution de code arbitraire \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits ElasticSearch",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch 344737 du 10 octobre 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch 344735 du 10 octobre 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch 344732 du 10 octobre 2023",
"url": null
}
]
}
CERTFR-2023-AVI-0780
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans Elasticsearch. Elle permet à un attaquant de provoquer une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elastic Cloud sur Kubernetes (ECK) versions antérieures à 2.8 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elastic Cloud sur Kubernetes (ECK) versions ant\u00e9rieures \u00e0 2.8",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-31416",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31416"
}
],
"initial_release_date": "2023-09-26T00:00:00",
"last_revision_date": "2023-09-26T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0780",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-09-26T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Elasticsearch. Elle permet \u00e0 un\nattaquant de provoquer une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Elasticsearch",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Elasticsearch CVE-2023-31416 du 26 septembre 2023",
"url": "https://discuss.elastic.co/t/elastic-cloud-on-kubernetes-eck-2-8-security-update/343854"
}
]
}
CERTFR-2023-AVI-0776
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans Elasticsearch. Elle permet à un attaquant de provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elastic Cloud Enterprise versions antérieures à 2.13.4 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.x antérieures à 8.9.0 | ||
| Elastic | Elasticsearch | Elasticsearch versions antérieures à 7.17.13 | ||
| Elastic | Elasticsearch | Elastic Cloud Enterprise versions 3.6.x antérieures à 3.6.1 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elastic Cloud Enterprise versions ant\u00e9rieures \u00e0 2.13.4",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.x ant\u00e9rieures \u00e0 8.9.0",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions ant\u00e9rieures \u00e0 7.17.13",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Cloud Enterprise versions 3.6.x ant\u00e9rieures \u00e0 3.6.1",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-31418",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31418"
}
],
"initial_release_date": "2023-09-25T00:00:00",
"last_revision_date": "2023-09-25T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0776",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-09-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Elasticsearch. Elle permet \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Elasticsearch",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Elasticsearch CVE-2023-31418 du 22 septembre 2023",
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-0-7-17-13-security-update/343616"
}
]
}
CERTFR-2023-AVI-0765
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans les produits ElasticSearch. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elastic Agent versions 8.x.x antérieures à 8.10.1 | ||
| Elastic | Elasticsearch | Fleet Server versions versions 8.x.x antérieures à 8.10.1 | ||
| Elastic | Elasticsearch | Beats versions 8.x.x antérieures à 8.10.1 |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elastic Agent versions 8.x.x ant\u00e9rieures \u00e0 8.10.1",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Fleet Server versions versions 8.x.x ant\u00e9rieures \u00e0 8.10.1",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Beats versions 8.x.x ant\u00e9rieures \u00e0 8.10.1",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-31421",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31421"
}
],
"initial_release_date": "2023-09-20T00:00:00",
"last_revision_date": "2023-09-20T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch\u00a0343385 du 19 septembre 2023",
"url": "https://discuss.elastic.co/t/beats-elastic-agent-apm-server-and-fleet-server-8-10-1-security-update-improper-certificate-validation-issue-esa-2023-16/343385"
}
],
"reference": "CERTFR-2023-AVI-0765",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-09-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans \u003cspan class=\"textit\"\u003eles\nproduits ElasticSearch\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer\nun contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits ElasticSearch",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch 343385 du 19 septembre 2023",
"url": null
}
]
}
CERTFR-2023-AVI-0762
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits ElasticSearch. Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | ElasticSearch versions 7.x antérieures à 7.17.13 | ||
| Elastic | Elasticsearch | Kibana version 8.10.0 | ||
| Elastic | Elasticsearch | ElasticSearch versions 8.x antérieures à 8.9.1 |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "ElasticSearch versions 7.x ant\u00e9rieures \u00e0 7.17.13",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana version 8.10.0",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "ElasticSearch versions 8.x ant\u00e9rieures \u00e0 8.9.1",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-31419",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31419"
},
{
"name": "CVE-2023-31422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31422"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
}
],
"initial_release_date": "2023-09-19T00:00:00",
"last_revision_date": "2023-09-19T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch\u00a0343297 du 18 septembre 2023",
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-1-7-17-13-security-update/343297"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch\u00a0343287 du 18 septembre 2023",
"url": "https://discuss.elastic.co/t/kibana-8-10-1-security-update/343287"
}
],
"reference": "CERTFR-2023-AVI-0762",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-09-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits ElasticSearch\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits ElasticSearch",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch 343287 du 18 septembre 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch 343297 du 18 septembre 2023",
"url": null
}
]
}
CERTFR-2023-AVI-0717
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans Elasticsearch. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions 8.x.x antérieures à 8.9.2 | ||
| Elastic | Elasticsearch | Elasticsearch versions 7.x.x antérieures à 7.17.13 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions 8.x.x ant\u00e9rieures \u00e0 8.9.2",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 7.x.x ant\u00e9rieures \u00e0 7.17.13",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-31417",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31417"
}
],
"initial_release_date": "2023-09-07T00:00:00",
"last_revision_date": "2023-09-07T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0717",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-09-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Elasticsearch. Elle permet \u00e0 un\nattaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Elasticsearch",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Elasticsearch du 06 septembre 2023",
"url": "https://discuss.elastic.co/t/elasticsearch-8-9-2-and-7-17-13-security-update/342479/1"
}
]
}
CERTFR-2023-AVI-0502
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans Elasticsearch. Elle permet à un attaquant de provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions 8.x antérieures à 8.8.2 | ||
| Elastic | Elasticsearch | Elasticsearch versions 7.2.x à 7.17.x antérieures à 7.17.11 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions 8.x ant\u00e9rieures \u00e0 8.8.2",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 7.2.x \u00e0 7.17.x ant\u00e9rieures \u00e0 7.17.11",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
}
],
"initial_release_date": "2023-06-30T00:00:00",
"last_revision_date": "2023-06-30T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0502",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-06-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Elasticsearch. Elle permet \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Elasticsearch",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Elasticsearch du 29 juin 2023",
"url": "https://discuss.elastic.co/t/elasticsearch-8-8-2-7-17-11-security-update/337205"
}
]
}
CERTFR-2022-AVI-770
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans ElasticSearch Cloud Enterprise. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elastic Cloud Enterprise versions antérieures à 3.4.0 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elastic Cloud Enterprise versions ant\u00e9rieures \u00e0 3.4.0",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-23715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23715"
}
],
"initial_release_date": "2022-08-25T00:00:00",
"last_revision_date": "2022-08-25T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-770",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-25T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans ElasticSearch Cloud Enterprise.\nElle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans ElasticSearch Cloud Enterprise",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ElasticSearch 312825 du 25 ao\u00fbt 2022",
"url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825"
}
]
}
CERTFR-2022-AVI-509
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans Elasticsearch. Elle permet à un attaquant de provoquer une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions 6.8.x et 7.9.2 à 7.17.x antérieures à 7.17.4 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions 6.8.x et 7.9.2 \u00e0 7.17.x ant\u00e9rieures \u00e0 7.17.4",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-21449",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21449"
}
],
"initial_release_date": "2022-05-31T00:00:00",
"last_revision_date": "2022-05-31T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-509",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-05-31T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Elasticsearch. Elle permet \u00e0 un\nattaquant de provoquer une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Elasticsearch",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Elasticsearch CVE-2022-21449 du 24 mai 2022",
"url": "https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530"
}
]
}
CERTFR-2021-AVI-670
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une injection de code indirecte à distance (XSS).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Kibana | Kibana versions antérieures à 7.14.1 | ||
| Elastic | Elasticsearch | Elasticsearch versions antérieures à 7.14.1 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Kibana versions ant\u00e9rieures \u00e0 7.14.1",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions ant\u00e9rieures \u00e0 7.14.1",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-37936",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37936"
},
{
"name": "CVE-2021-22930",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22930"
},
{
"name": "CVE-2021-22939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22939"
},
{
"name": "CVE-2021-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37937"
},
{
"name": "CVE-2021-22150",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22150"
},
{
"name": "CVE-2021-22931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22931"
},
{
"name": "CVE-2021-22151",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22151"
}
],
"initial_release_date": "2021-09-02T00:00:00",
"last_revision_date": "2021-09-02T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-670",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-09-02T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nElastic. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une injection\nde code indirecte \u00e0 distance (XSS).\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Elastic du 01 septembre 2021",
"url": "https://www.elastic.co/fr/community/security/"
}
]
}
CERTFR-2021-AVI-593
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Elasticsearch. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions antérieures à 7.14.0 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions ant\u00e9rieures \u00e0 7.14.0",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-22147",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22147"
},
{
"name": "CVE-2021-22148",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22148"
},
{
"name": "CVE-2021-22149",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22149"
}
],
"initial_release_date": "2021-08-04T00:00:00",
"last_revision_date": "2021-08-04T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-593",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-08-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Elasticsearch.\nElles permettent \u00e0 un attaquant de provoquer un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Elasticsearch",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Elasticsearch du 03 ao\u00fbt 2021",
"url": "https://www.elastic.co/community/security/"
}
]
}
CVE-2015-1427 (GCVE-0-2015-1427)
Vulnerability from nvd
Published
2015-02-17 15:00
Modified
2025-10-22 00:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150211 Elasticsearch vulnerability CVE-2015-1427",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534689/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html"
},
{
"name": "RHSA-2017:0868",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0868"
},
{
"name": "72585",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72585"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/"
},
{
"name": "elasticsearch-cve20151427-command-exec(100850)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100850"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.elastic.co/community/security/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2015-1427",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T19:05:50.626176Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1427"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T00:05:33.236Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1427"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-25T00:00:00+00:00",
"value": "CVE-2015-1427 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20150211 Elasticsearch vulnerability CVE-2015-1427",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534689/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html"
},
{
"name": "RHSA-2017:0868",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0868"
},
{
"name": "72585",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72585"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/"
},
{
"name": "elasticsearch-cve20151427-command-exec(100850)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100850"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.elastic.co/community/security/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150211 Elasticsearch vulnerability CVE-2015-1427",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534689/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html"
},
{
"name": "RHSA-2017:0868",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0868"
},
{
"name": "72585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72585"
},
{
"name": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/",
"refsource": "CONFIRM",
"url": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/"
},
{
"name": "elasticsearch-cve20151427-command-exec(100850)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100850"
},
{
"name": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html"
},
{
"name": "https://www.elastic.co/community/security/",
"refsource": "CONFIRM",
"url": "https://www.elastic.co/community/security/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1427",
"datePublished": "2015-02-17T15:00:00.000Z",
"dateReserved": "2015-01-31T00:00:00.000Z",
"dateUpdated": "2025-10-22T00:05:33.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1427 (GCVE-0-2015-1427)
Vulnerability from cvelistv5
Published
2015-02-17 15:00
Modified
2025-10-22 00:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150211 Elasticsearch vulnerability CVE-2015-1427",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534689/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html"
},
{
"name": "RHSA-2017:0868",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0868"
},
{
"name": "72585",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72585"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/"
},
{
"name": "elasticsearch-cve20151427-command-exec(100850)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100850"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.elastic.co/community/security/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2015-1427",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T19:05:50.626176Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1427"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T00:05:33.236Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1427"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-25T00:00:00+00:00",
"value": "CVE-2015-1427 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20150211 Elasticsearch vulnerability CVE-2015-1427",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534689/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html"
},
{
"name": "RHSA-2017:0868",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0868"
},
{
"name": "72585",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72585"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/"
},
{
"name": "elasticsearch-cve20151427-command-exec(100850)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100850"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.elastic.co/community/security/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150211 Elasticsearch vulnerability CVE-2015-1427",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534689/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html"
},
{
"name": "RHSA-2017:0868",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0868"
},
{
"name": "72585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72585"
},
{
"name": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/",
"refsource": "CONFIRM",
"url": "http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/"
},
{
"name": "elasticsearch-cve20151427-command-exec(100850)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100850"
},
{
"name": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html"
},
{
"name": "https://www.elastic.co/community/security/",
"refsource": "CONFIRM",
"url": "https://www.elastic.co/community/security/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1427",
"datePublished": "2015-02-17T15:00:00.000Z",
"dateReserved": "2015-01-31T00:00:00.000Z",
"dateUpdated": "2025-10-22T00:05:33.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}