cnvd - cnvd-2020-60336

cnvd-2020-60336

Vulnerability from cnvd

Title: Elasticsearch信息泄露漏洞（CNVD-2020-60336）

Description:

Elasticsearch是荷兰Elasticsearch公司的一套基于Lucene构建的开源分布式RESTful搜索引擎。该产品主要应用于云计算，并支持通过HTTP使用JSON进行数据索引。Security是其中的一个数据保护组件。

Elasticsearch 6.8.13版本和7.9.2之前版本存在信息泄露漏洞，该漏洞源于在使用文档或字段级安全时包含文档泄露缺陷。在执行某些复杂查询时，搜索查询未能正确地保留安全权限。这可能导致搜索暴露了攻击者无法查看的文档的存在。攻击者可利用该漏洞对潜在的敏感索引有更多的了解。

Severity: 中

Patch Name: Elasticsearch信息泄露漏洞（CNVD-2020-60336）的补丁

Patch Description:

Elasticsearch 6.8.13版本和7.9.2之前版本存在信息泄露漏洞，该漏洞源于在使用文档或字段级安全时包含文档泄露缺陷。在执行某些复杂查询时，搜索查询未能正确地保留安全权限。这可能导致搜索暴露了攻击者无法查看的文档的存在。攻击者可利用该漏洞对潜在的敏感索引有更多的了解。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033

Reference: https://staging-website.elastic.co/community/security/

Impacted products

Name
['ElasticSearch ElasticSearch 6.8.13', 'ElasticSearch ElasticSearch <7.9.2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-7020",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-7020"
    }
  },
  "description": "Elasticsearch\u662f\u8377\u5170Elasticsearch\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eLucene\u6784\u5efa\u7684\u5f00\u6e90\u5206\u5e03\u5f0fRESTful\u641c\u7d22\u5f15\u64ce\u3002\u8be5\u4ea7\u54c1\u4e3b\u8981\u5e94\u7528\u4e8e\u4e91\u8ba1\u7b97\uff0c\u5e76\u652f\u6301\u901a\u8fc7HTTP\u4f7f\u7528JSON\u8fdb\u884c\u6570\u636e\u7d22\u5f15\u3002Security\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u6570\u636e\u4fdd\u62a4\u7ec4\u4ef6\u3002\n\nElasticsearch 6.8.13\u7248\u672c\u548c7.9.2\u4e4b\u524d\u7248\u672c\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728\u4f7f\u7528\u6587\u6863\u6216\u5b57\u6bb5\u7ea7\u5b89\u5168\u65f6\u5305\u542b\u6587\u6863\u6cc4\u9732\u7f3a\u9677\u3002\u5728\u6267\u884c\u67d0\u4e9b\u590d\u6742\u67e5\u8be2\u65f6\uff0c\u641c\u7d22\u67e5\u8be2\u672a\u80fd\u6b63\u786e\u5730\u4fdd\u7559\u5b89\u5168\u6743\u9650\u3002\u8fd9\u53ef\u80fd\u5bfc\u81f4\u641c\u7d22\u66b4\u9732\u4e86\u653b\u51fb\u8005\u65e0\u6cd5\u67e5\u770b\u7684\u6587\u6863\u7684\u5b58\u5728\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bf9\u6f5c\u5728\u7684\u654f\u611f\u7d22\u5f15\u6709\u66f4\u591a\u7684\u4e86\u89e3\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-60336",
  "openTime": "2020-11-03",
  "patchDescription": "Elasticsearch\u662f\u8377\u5170Elasticsearch\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eLucene\u6784\u5efa\u7684\u5f00\u6e90\u5206\u5e03\u5f0fRESTful\u641c\u7d22\u5f15\u64ce\u3002\u8be5\u4ea7\u54c1\u4e3b\u8981\u5e94\u7528\u4e8e\u4e91\u8ba1\u7b97\uff0c\u5e76\u652f\u6301\u901a\u8fc7HTTP\u4f7f\u7528JSON\u8fdb\u884c\u6570\u636e\u7d22\u5f15\u3002Security\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u6570\u636e\u4fdd\u62a4\u7ec4\u4ef6\u3002\r\n\r\nElasticsearch 6.8.13\u7248\u672c\u548c7.9.2\u4e4b\u524d\u7248\u672c\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728\u4f7f\u7528\u6587\u6863\u6216\u5b57\u6bb5\u7ea7\u5b89\u5168\u65f6\u5305\u542b\u6587\u6863\u6cc4\u9732\u7f3a\u9677\u3002\u5728\u6267\u884c\u67d0\u4e9b\u590d\u6742\u67e5\u8be2\u65f6\uff0c\u641c\u7d22\u67e5\u8be2\u672a\u80fd\u6b63\u786e\u5730\u4fdd\u7559\u5b89\u5168\u6743\u9650\u3002\u8fd9\u53ef\u80fd\u5bfc\u81f4\u641c\u7d22\u66b4\u9732\u4e86\u653b\u51fb\u8005\u65e0\u6cd5\u67e5\u770b\u7684\u6587\u6863\u7684\u5b58\u5728\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bf9\u6f5c\u5728\u7684\u654f\u611f\u7d22\u5f15\u6709\u66f4\u591a\u7684\u4e86\u89e3\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Elasticsearch\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2020-60336\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "ElasticSearch ElasticSearch 6.8.13",
      "ElasticSearch ElasticSearch \u003c7.9.2"
    ]
  },
  "referenceLink": "https://staging-website.elastic.co/community/security/",
  "serverity": "\u4e2d",
  "submitTime": "2020-10-25",
  "title": "Elasticsearch\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2020-60336\uff09"
}

CVE-2020-7020 (GCVE-0-2020-7020)

Vulnerability from cvelistv5

Published

2020-10-22 16:30

Modified

2024-08-04 09:18

Severity ?

CWE

CWE-270 - Privilege Context Switching Error

Summary

Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices.

References

▼	URL	Tags
	https://staging-website.elastic.co/community/security/	x_refsource_MISC
	https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033	x_refsource_MISC
	https://security.netapp.com/advisory/ntap-20201123-0001/	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Elastic	Elasticsearch	Version: before 6.8.13 and 7.9.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:18:02.985Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://staging-website.elastic.co/community/security/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20201123-0001/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Elasticsearch",
          "vendor": "Elastic",
          "versions": [
            {
              "status": "affected",
              "version": "before 6.8.13 and 7.9.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-270",
              "description": "CWE-270: Privilege Context Switching Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-23T11:06:12",
        "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "shortName": "elastic"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://staging-website.elastic.co/community/security/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20201123-0001/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@elastic.co",
          "ID": "CVE-2020-7020",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Elasticsearch",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "before 6.8.13 and 7.9.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Elastic"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-270: Privilege Context Switching Error"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://staging-website.elastic.co/community/security/",
              "refsource": "MISC",
              "url": "https://staging-website.elastic.co/community/security/"
            },
            {
              "name": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033",
              "refsource": "MISC",
              "url": "https://discuss.elastic.co/t/elastic-stack-7-9-3-and-6-8-13-security-update/253033"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20201123-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20201123-0001/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
    "assignerShortName": "elastic",
    "cveId": "CVE-2020-7020",
    "datePublished": "2020-10-22T16:30:15",
    "dateReserved": "2020-01-14T00:00:00",
    "dateUpdated": "2024-08-04T09:18:02.985Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted