Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elastic vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2017-8447
An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege enforcement. If a user has either 'delete' or 'index' permissions on an index in a cluster, they may be able to issue both delete and index requests against that index.
Elastic X-pack 5.5.2
Elastic X-pack 5.3.1
Elastic X-pack 5.3.2
Elastic X-pack 5.3.3
Elastic X-pack 5.4.0
Elastic X-pack 5.5.0
Elastic X-pack 5.3.0
4.3
CVSSv2
CVE-2017-8440
Starting in version 5.3.0, Kibana had a cross-site scripting (XSS) vulnerability in the Discover page that could allow an malicious user to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Elastic Kibana 5.3.2
Elastic Kibana 5.3.1
Elastic Kibana 5.3.0
Elastic Kibana 5.4.0
4.6
CVSSv2
CVE-2017-1304
IBM has identified a vulnerability with IBM Spectrum Scale/GPFS utilized on the Elastic Storage Server (ESS)/GPFS Storage Server (GSS) during testing of an unsupported configuration, where users applications are running on an active ESS I/O server node and utilize direct I/O to p...
Ibm Elastic Storage Server 2.0.0
Ibm Elastic Storage Server 2.5.0
Ibm Elastic Storage Server 2.5.5
Ibm Elastic Storage Server 3.0.0
Ibm Elastic Storage Server 3.0.5
Ibm Elastic Storage Server 3.5.0
Ibm Elastic Storage Server 3.5.6
Ibm Elastic Storage Server 4.0.0
Ibm Elastic Storage Server 4.0.6
Ibm Elastic Storage Server 4.5.0
Ibm Elastic Storage Server 4.6.0
Ibm Elastic Storage Server 5.0.0
Ibm Elastic Storage Server 5.0.1
5.8
CVSSv2
CVE-2012-5781
Amazon Elastic Load Balancing API Tools does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary val...
Amazon Elastic Load Balancing 1.0.12.0
Amazon Elastic Load Balancing 1.0.10.0
Amazon Elastic Load Balancing 1.0.3.4
Amazon Elastic Load Balancing 1.0
Amazon Elastic Load Balancing -
Amazon Elastic Load Balancing 1.0.17.0
Amazon Elastic Load Balancing 1.0.15.1
Amazon Elastic Load Balancing 1.0.14.3
Amazon Elastic Load Balancing 1.0.11.1
Amazon Elastic Load Balancing 1.0.9.3
3.5
CVSSv2
CVE-2019-7618
A local file disclosure flaw was found in Elastic Code versions 7.3.0, 7.3.1, and 7.3.2. If a malicious code repository is imported into Code it is possible to read arbitrary files from the local filesystem of the Kibana instance running Code with the permission of the Kibana sys...
Elastic Kibana 7.3.1
Elastic Kibana 7.3.0
Elastic Kibana 7.3.2
5
CVSSv2
CVE-2016-6639
Cloud Foundry PHP Buildpack (aka php-buildpack) prior to 4.3.18 and PHP Buildpack Cf-release prior to 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime prior to 1.6.38 and 1.7.x prior to 1.7.19 and other products, place the .profile file in the htdocs directory, which m...
Cloudfoundry Php-buildpack
Pivotal Cloud Foundry Elastic Runtime 1.7.5
Pivotal Cloud Foundry Elastic Runtime 1.7.6
Pivotal Cloud Foundry Elastic Runtime 1.7.7
Pivotal Cloud Foundry Elastic Runtime 1.7.8
Pivotal Cloud Foundry Elastic Runtime 1.7.0
Pivotal Cloud Foundry Elastic Runtime 1.7.13
Pivotal Cloud Foundry Elastic Runtime 1.7.14
Pivotal Cloud Foundry Elastic Runtime 1.7.15
Pivotal Cloud Foundry Elastic Runtime 1.7.16
Pivotal Cloud Foundry Elastic Runtime 1.7.17
Pivotal Cloud Foundry Elastic Runtime 1.7.2
Pivotal Cloud Foundry Elastic Runtime 1.7.4
Pivotal Cloud Foundry Elastic Runtime 1.7.9
Pivotal Cloud Foundry Elastic Runtime 1.7.11
Pivotal Cloud Foundry Elastic Runtime 1.7.18
Pivotal Cloud Foundry Elastic Runtime 1.7.1
Pivotal Cloud Foundry Elastic Runtime 1.7.3
Pivotal Cloud Foundry Elastic Runtime 1.7.10
Pivotal Cloud Foundry Elastic Runtime 1.7.12
Pivotal Cloud Foundry Elastic Runtime
NA
CVE-2023-49922
An issue exists by Elastic whereby Beats and Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP status code except 409 or 429. Depending on the nature of the event that Beats or Elastic ...
Elastic Elastic Beats
NA
CVE-2023-6687
An issue exists by Elastic whereby Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP status code except 409 or 429. Depending on the nature of the event that Elastic Agent attempted to ...
Elastic Elastic Agent
5.8
CVSSv2
CVE-2016-0928
Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) Elastic Runtime prior to 1.6.30 and 1.7.x prior to 1.7.8 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Pivotal Cloud Foundry Elastic Runtime 1.7.0
Pivotal Cloud Foundry Elastic Runtime 1.7.7
Pivotal Cloud Foundry Elastic Runtime
Pivotal Cloud Foundry Elastic Runtime 1.7.3
Pivotal Cloud Foundry Elastic Runtime 1.7.4
Pivotal Cloud Foundry Elastic Runtime 1.7.1
Pivotal Cloud Foundry Elastic Runtime 1.7.2
Pivotal Cloud Foundry Elastic Runtime 1.7.5
Pivotal Cloud Foundry Elastic Runtime 1.7.6
5
CVSSv2
CVE-2017-4955
An issue exists in Pivotal PCF Elastic Runtime 1.6.x versions before 1.6.65, 1.7.x versions before 1.7.48, 1.8.x versions before 1.8.28, and 1.9.x versions before 1.9.5. Several credentials were present in the logs for the Notifications errand in the PCF Elastic Runtime tile.
Pivotal Software Cloud Foundry Elastic Runtime 1.9.2
Pivotal Software Cloud Foundry Elastic Runtime 1.9.1
Pivotal Software Cloud Foundry Elastic Runtime 1.8.27
Pivotal Software Cloud Foundry Elastic Runtime 1.8.26
Pivotal Software Cloud Foundry Elastic Runtime 1.8.12
Pivotal Software Cloud Foundry Elastic Runtime 1.8.11
Pivotal Software Cloud Foundry Elastic Runtime 1.8.10
Pivotal Software Cloud Foundry Elastic Runtime 1.8.9
Pivotal Software Cloud Foundry Elastic Runtime 1.7.42
Pivotal Software Cloud Foundry Elastic Runtime 1.7.41
Pivotal Software Cloud Foundry Elastic Runtime 1.7.40
Pivotal Software Cloud Foundry Elastic Runtime 1.7.39
Pivotal Software Cloud Foundry Elastic Runtime 1.7.26
Pivotal Software Cloud Foundry Elastic Runtime 1.7.25
Pivotal Software Cloud Foundry Elastic Runtime 1.7.24
Pivotal Software Cloud Foundry Elastic Runtime 1.7.23
Pivotal Software Cloud Foundry Elastic Runtime 1.7.22
Pivotal Software Cloud Foundry Elastic Runtime 1.7.9
Pivotal Software Cloud Foundry Elastic Runtime 1.7.8
Pivotal Software Cloud Foundry Elastic Runtime 1.7.7
Pivotal Software Cloud Foundry Elastic Runtime 1.7.6
Pivotal Software Cloud Foundry Elastic Runtime 1.6.56
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »