Количество 3
Количество 3
CVE-2021-22149
Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API keys were missing authorization via an alternate route. Using this vulnerability, an authenticated attacker could utilize API keys belonging to higher privileged users.
GHSA-fq33-497v-4h5x
Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API keys were missing authorization via an alternate route. Using this vulnerability, an authenticated attacker could utilize API keys belonging to higher privileged users.
BDU:2021-05344
Уязвимость инструмента для поиска приложений Elastic App Search, связанная с неправильным назначением разрешений, позволяющая нарушителю повысить свои привилегии
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-22149 Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API keys were missing authorization via an alternate route. Using this vulnerability, an authenticated attacker could utilize API keys belonging to higher privileged users. | CVSS3: 8.8 | 0% Низкий | больше 4 лет назад |
| GHSA-fq33-497v-4h5x Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API keys were missing authorization via an alternate route. Using this vulnerability, an authenticated attacker could utilize API keys belonging to higher privileged users. | CVSS3: 8.8 | 0% Низкий | больше 3 лет назад |
 | BDU:2021-05344 Уязвимость инструмента для поиска приложений Elastic App Search, связанная с неправильным назначением разрешений, позволяющая нарушителю повысить свои привилегии | CVSS3: 8.8 | 0% Низкий | больше 4 лет назад |
Уязвимостей на страницу