SCA: security update for org.elasticsearch:elasticsearch (GHSA-r3hx-qfh5-r9m7)

Severity: Medium | Tenable Self-Hosted Container Security | Plugin ID 418457

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- An Incorrect Authorization issue exists in the API-key-based security model for Remote Cluster Security,
which is currently in Beta, in Elasticsearch 8.10.0 up to but not including 8.13.0. It allows a malicious
user holding a valid API key for a remote cluster configured to use the new Remote Cluster Security to read
arbitrary documents from any index on that remote cluster, but only if they use the Elasticsearch custom
transport protocol to issue requests carrying the target index ID, the shard ID and the document ID. None of
the Elasticsearch REST API endpoints are affected by this issue. (CVE-2024-23451)
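The check this plugin performs is a version-range match on the installed org.elasticsearch:elasticsearch artifact. The following is an added example of such a check, written for this page; it is not Tenable's plugin logic and not Elastic's code. The affected range (8.10.0 inclusive to 8.13.0 exclusive) is taken from the advisory text above; the dependency coordinates it scans are constructed sample input, and the handling of pre-release qualifiers (a snapshot of the fix version is treated as still affected) is an assumption chosen to be conservative.

```python
"""Minimal SCA-style version-range check for GHSA-r3hx-qfh5-r9m7 / CVE-2024-23451.

Added example for this page, not Tenable's or Elastic's code. The affected range comes
from the advisory text; the sample coordinates below are constructed.
"""
import re
from typing import Dict, Iterable, List, Tuple

ADVISORY = "GHSA-r3hx-qfh5-r9m7"
CVE = "CVE-2024-23451"
AFFECTED_PACKAGE = "org.elasticsearch:elasticsearch"
INTRODUCED = (8, 10, 0)   # first affected release (inclusive)
FIXED = (8, 13, 0)        # first fixed release (exclusive)

# major.minor.patch with an optional qualifier such as -SNAPSHOT or -beta1
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:[-.]([0-9A-Za-z.]+))?$")


def parse_version(version: str) -> Tuple[Tuple[int, int, int], str]:
    """Split '8.12.2-SNAPSHOT' into ((8, 12, 2), 'SNAPSHOT'); qualifier is '' if absent."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    core = tuple(int(x) for x in m.group(1, 2, 3))
    return core, (m.group(4) or "")


def is_affected(version: str) -> bool:
    """True if version lies in [8.10.0, 8.13.0), the range given in the advisory."""
    core, qualifier = parse_version(version)
    # Assumption: a pre-release build of the fix version (e.g. 8.13.0-SNAPSHOT)
    # predates the fix, so it is conservatively reported as affected.
    if core == FIXED and qualifier:
        return True
    return INTRODUCED <= core < FIXED


def scan(coordinates: Iterable[str]) -> List[Dict[str, str]]:
    """Return one finding per affected 'group:artifact:version' coordinate.

    Coordinates that are malformed or belong to a different artifact are skipped;
    a version string that cannot be parsed is reported rather than silently ignored.
    """
    findings = []
    for coord in coordinates:
        parts = coord.split(":")
        if len(parts) != 3:
            continue
        group, artifact, version = parts
        if f"{group}:{artifact}" != AFFECTED_PACKAGE:
            continue
        try:
            affected = is_affected(version)
        except ValueError:
            findings.append({"coordinate": coord, "status": "unparseable-version"})
            continue
        if affected:
            findings.append({"coordinate": coord, "status": "affected",
                             "advisory": ADVISORY, "cve": CVE,
                             "fixed_in": ".".join(map(str, FIXED))})
    return findings


# Constructed sample input, as a build tool might list resolved dependencies.
SAMPLE_DEPENDENCIES = [
    "org.elasticsearch:elasticsearch:8.12.2",                 # affected
    "org.elasticsearch:elasticsearch:8.13.0",                 # fixed
    "org.elasticsearch:elasticsearch:8.9.2",                  # before the affected range
    "org.elasticsearch:elasticsearch:8.13.0-SNAPSHOT",        # pre-release of the fix: affected
    "org.elasticsearch.client:elasticsearch-rest-client:8.12.2",  # different artifact
    "org.elasticsearch:elasticsearch",                        # malformed, skipped
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_DEPENDENCIES):
        print(finding)
```

A match here establishes exposure, not exploitability: per the description above, exploitation also requires that the remote cluster be configured with the API-key-based Remote Cluster Security model and that the attacker hold a valid API key for it and reach the cluster over the custom transport protocol, so a finding on a cluster without that configuration should be triaged with that in mind. The fix is to upgrade to 8.13.0 or later.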

See Also

https://github.com/advisories/GHSA-r3hx-qfh5-r9m7

Plugin Details

Severity: Medium

ID: 418457

Version: Revision 1.8

Type: Local

Family: SCA Checks

Published: 1/23/2025

Updated: 6/1/2026

Risk Information

VPR

Risk Factor: Low

Score: 3.6

Vendor

Vendor Severity: Medium

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N

CVSS Score Source: CVE-2024-23451

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 3/27/2024

Vulnerability Publication Date: 3/27/2024

Reference Information

CVE: CVE-2024-23451

CWE: CWE-863