exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2022-23708

почти 4 года назад

A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index.

CVSS3: 4.3

EPSS: Низкий

CVE-2022-23708

почти 4 года назад

A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index.

CVSS3: 4.3

EPSS: Низкий

CVE-2022-23708

почти 4 года назад

A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index.

CVSS3: 4.3

EPSS: Низкий

CVE-2022-23708

почти 4 года назад

A flaw was discovered in Elasticsearch 7.17.0\u2019s upgrade assistant ...

CVSS3: 4.3

EPSS: Низкий

GHSA-pgq6-ccqj-hpqr

почти 4 года назад

Elasticsearch privilege escalation

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-23708 A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index.	CVSS3: 4.3	0% Низкий	почти 4 года назад
CVE-2022-23708 A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index.	CVSS3: 4.3	0% Низкий	почти 4 года назад
CVE-2022-23708 A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index.	CVSS3: 4.3	0% Низкий	почти 4 года назад
CVE-2022-23708 A flaw was discovered in Elasticsearch 7.17.0\u2019s upgrade assistant ...	CVSS3: 4.3	0% Низкий	почти 4 года назад
GHSA-pgq6-ccqj-hpqr Elasticsearch privilege escalation	CVSS3: 4.3	0% Низкий	почти 4 года назад

Уязвимостей на страницу