Known Vulnerabilities for products from Elastic
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Elastic".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
|CVE||Shortened Description||Severity||Publish Date||Last Modified|
|CVE-2022-34844||In BIG-IP Versions 16.1.x before 22.214.171.124 and 15.1.x before 126.96.36.199, and all versions of BIG-IQ 8.x, when the Data Plane Dev...||7.5 - HIGH||2022-08-04||2022-08-04|
|CVE-2022-23714||** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur...||7.8 - HIGH||2022-07-06||2022-07-14|
|CVE-2022-23713||** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur...||6.1 - MEDIUM||2022-07-06||2022-07-14|
|CVE-2022-23712||** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur...||7.5 - HIGH||2022-06-06||2022-07-07|
|CVE-2022-23711||5.3 - MEDIUM||2022-04-21||2022-05-03|
|CVE-2022-23710||6.1 - MEDIUM||2022-03-03||2022-04-18|
|CVE-2022-23709||4.3 - MEDIUM||2022-03-03||2022-03-16|
|CVE-2022-23708||4.3 - MEDIUM||2022-03-03||2022-07-29|
|CVE-2022-23707||An XSS vulnerability was found in Kibana index patterns. Using this vulnerability, an authenticated user with permissions to ...||5.4 - MEDIUM||2022-02-11||2022-02-22|
|CVE-2021-37941||A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious fil...||7.8 - HIGH||2021-12-08||2021-12-14|
|CVE-2021-37940||An information disclosure via GET request server-side request forgery vulnerability was discovered with the Workplace Search ...||6.8 - MEDIUM||2021-12-07||2021-12-09|
|CVE-2021-37939||It was discovered that Kibana’s JIRA connector & IBM Resilient connector could be used to return HTTP response data on inte...||2.7 - LOW||2021-11-18||2021-11-23|
|CVE-2021-37938||It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would...||4.3 - MEDIUM||2021-11-18||2021-11-23|
|CVE-2021-22149||Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API keys were missing authorizat...||8.8 - HIGH||2021-09-15||2021-09-25|
|CVE-2021-22148||Elastic Enterprise Search App Search versions before 7.14.0 was vulnerable to an issue where API keys were not bound to the s...||8.8 - HIGH||2021-09-15||2021-10-18|
|CVE-2021-22147||Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. This could lead to an au...||6.5 - MEDIUM||2021-09-15||2022-01-18|
|CVE-2021-22146||All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default in deployed clusters. ...||7.5 - HIGH||2021-07-21||2022-07-12|
|CVE-2021-22145||A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability t...||6.5 - MEDIUM||2021-07-21||2022-05-10|
|CVE-2021-22144||In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of ser...||6.5 - MEDIUM||2021-07-26||2022-05-10|
|CVE-2021-22140||Elastic App Search versions after 7.11.0 and before 7.12.0 contain an XML External Entity Injection issue (XXE) in the App Se...||7.5 - HIGH||2021-05-13||2021-05-21|
Known software with vulnerabilities from Elastic
|Application||Elastic||Elastic App Search||7.7.0|
|Application||Elastic||Elastic Cloud Enterprise||1.0.0|
|Application||Elastic||Elastic Cloud On Kubernetes||1.1.0|
Popular searches for "Elastic"
O KFree and Open Search: The Creators of Elasticsearch, ELK & Kibana | Elastic Elastic Observability Elastic Security Elastic ELK Stack. Retain and search more data with searchable snapshots on low-cost object stores a new cold data tier in 7.11. There's always budget for free. We deliver the complete Elasticsearch experience with flexible pricing. elastic.cowww.elasticsearch.org/contributor-agreement www.elasticsearch.org elasticsearch.org www.elasticsearch.com www.elasticsearch.org/overview/kibana elasticsearch.com Elasticsearch Kibana Road America Data Observability Stack (abstract data type) Free software Snapshot (computer storage) Web search engine Search algorithm Enterprise search Search engine technology Computer security Pricing Cloud computing Scalability Elastic NV Information technology Customer Apache Hadoop
H DElastic Products: Search, Analytics, Logging, and Security | Elastic The Elastic ELK Stack comprised of Elasticsearch, Kibana, Beats, and Logstash is trusted by individual users to Fortune 100 companies alike for logging, APM, security, and more.www.elastic.co/solutions www.elastic.co/v5 elastic.co/solutions www.elasticsearch.com/products www.elastic.co/v7 bit.ly/ELKStack Elasticsearch Log file Cloud computing Stack (abstract data type) Analytics Road America Computer security Kibana Observability Orchestration (computing) Software deployment Fortune 500 Apache Hadoop Enterprise search Security Search engine technology Web search engine Search algorithm User (computing) Advanced Power Management