exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2018-3831

больше 7 лет назад

Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details.

CVSS3: 8.8

EPSS: Низкий

CVE-2018-3831

больше 7 лет назад

Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details.

CVSS3: 5.3

EPSS: Низкий

CVE-2018-3831

больше 7 лет назад

Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details.

CVSS3: 8.8

EPSS: Низкий

CVE-2018-3831

больше 7 лет назад

Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6. ...

CVSS3: 8.8

EPSS: Низкий

GHSA-r9fv-qpm9-rj4g

больше 3 лет назад

Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch

CVSS3: 8.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2018-3831 Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details.	CVSS3: 8.8	1% Низкий	больше 7 лет назад
CVE-2018-3831 Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details.	CVSS3: 5.3	1% Низкий	больше 7 лет назад
CVE-2018-3831 Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details.	CVSS3: 8.8	1% Низкий	больше 7 лет назад
CVE-2018-3831 Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6. ...	CVSS3: 8.8	1% Низкий	больше 7 лет назад
GHSA-r9fv-qpm9-rj4g Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch	CVSS3: 8.8	1% Низкий	больше 3 лет назад

Уязвимостей на страницу