CVE-2018-3823
https://notcve.org/view.php?id=CVE-2018-3823
X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-site scripting (XSS) vulnerability. Users with manage_ml permissions could create jobs containing malicious data as part of their configuration that could allow the attacker to obtain sensitive information from or perform destructive actions on behalf of other ML users viewing the results of the jobs.
• https://discuss.elastic.co/t/elastic-stack-6-2-4-and-5-6-9-security-update/128422
• https://www.elastic.co/community/security
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2018-3825
https://notcve.org/view.php?id=CVE-2018-3825
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default master encryption key is used in the process of granting ZooKeeper access to Elasticsearch clusters. Unless explicitly overwritten, this master key is predictable across all ECE deployments. If an attacker can connect to ZooKeeper directly they would be able to access configuration information of other tenants if their cluster ID is known.
• https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778
• https://www.elastic.co/community/security
• CWE-321: Use of Hard-coded Cryptographic Key
• CWE-1188: Initialization of a Resource with an Insecure Default
CVE-2018-3830 – kibana: Cross-site scripting via the source field formatter
https://notcve.org/view.php?id=CVE-2018-3830
Kibana versions 5.3.0 to 6.4.1 had a cross-site scripting (XSS) vulnerability via the source field formatter that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
• https://access.redhat.com/errata/RHSA-2018:3537
• https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035
• https://www.elastic.co/community/security
• https://access.redhat.com/security/cve/CVE-2018-3830
• https://bugzilla.redhat.com/show_bug.cgi?id=1632450
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2018-3829
https://notcve.org/view.php?id=CVE-2018-3829
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could scale out allocators on new hosts with an invalid roles token. An attacker with access to the previous runner ID and IP address of the coordinator-host could add an allocator to an existing ECE install to gain access to other clusters' data.
• https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778
• https://www.elastic.co/community/security
• CWE-285: Improper Authorization
• CWE-290: Authentication Bypass by Spoofing
CVE-2018-3828
https://notcve.org/view.php?id=CVE-2018-3828
Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security-sensitive headers being leaked to the allocator logs. An attacker with access to the logging cluster may obtain leaked credentials and perform authenticated actions using these credentials.
• https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778
• https://www.elastic.co/community/security
• CWE-532: Insertion of Sensitive Information into Log File