Elasticsearch ESA-2018-11

Low Nessus Plugin ID 112046

Synopsis

The remote web server hosts a Java application that is affected by an unauthorised information disclosure vulnerability.

Description

A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticsearch-cloud-azure) plugin. When the repository-azure plugin is set to log at TRACE level, Azure credentials can be inadvertently written to the Elasticsearch logs.

Solution

All users of Elasticsearch should upgrade to version 6.3.0. This update prevents the repository-azure plugin from exposing Azure credentials in Elasticsearch logs.

See Also

https://www.elastic.co/community/security

Plugin Details

Severity: Low

ID: 112046

File Name: elasticsearch_esa_2018_11.nasl

Version: 1.2

Type: remote

Family: CGI abuses

Published: 2018/08/22

Modified: 2018/09/17

Dependencies: 109941

Risk Information

Risk Factor: Low

CVSS Score Source: manual

CVSS Score Rationale: Information disclosure over network.

CVSSv2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSSv3

Base Score: 4

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

CPE: cpe:/a:elastic:x-pack

Required KB Items: installed_sw/Elasticsearch

Patch Publication Date: 2018/06/13

Vulnerability Publication Date: 2018/06/13

Reference Information

CVE: CVE-2018-3827