CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 2CVE-2021-22146 – Elasticsearch ECE 7.13.3 - Anonymous Database Dump
https://notcve.org/view.php?id=CVE-2021-22146
All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could leverage the anonymous user to gain insight into certain details of a deployed cluster. Todas las versiones de Elastic Cloud Enterprise presentan el usuario "anonymous" de Elasticsearch habilitado por defecto en los clusters desplegados. Mientras que en la configuración por defecto el usuario anónimo no presenta permisos y no puede consultar con éxito cualquier API de Elasticsearch, un atacante podría aprovechar el usuario anónimo para conseguir información sobre determinados detalles de un clúster desplegado • https://www.exploit-db.com/exploits/50152 http://packetstormsecurity.com/files/163655/Elasticsearch-ECE-7.13.3-Database-Disclosure.html https://discuss.elastic.co/t/elastic-cloud-enterprise-security-update/279180 https://security.netapp.com/advisory/ntap-20210819-0005 •
CVSS: 6.5EPSS: 96%CPEs: 2EXPL: 3CVE-2021-22145 – ElasticSearch 7.13.3 - Memory disclosure
https://notcve.org/view.php?id=CVE-2021-22145
A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details. Se ha identificado una vulnerabilidad de divulgación de memoria en los informes de errores de Elasticsearch versiones 7.10.0 hasta 7.13.3. Un usuario con la habilidad de enviar consultas arbitrarias a Elasticsearch podría enviar una consulta malformada que resultaría en un mensaje de error devuelto conteniendo porciones previamente usadas de un buffer de datos. • https://www.exploit-db.com/exploits/50149 https://github.com/niceeeeeeee/CVE-2021-22145-poc http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177 https://security.netapp.com/advisory/ntap-20210827-0006 https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-209: Generation of Error Message Containing Sensitive Information •