Main Vulnerability Database Vulnerabilities #VU91267

#VU91267 Improper Authorization in Elasticsearch - CVE-2024-23451

Published: June 7, 2024

Vulnerability identifier: #VU91267

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-23451

CWE-ID: CWE-285

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Elasticsearch

Software vendor:
Elastic Stack

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to improper authorization within the API key based security model for Remote Cluster Security. A remote user with a valid API key for a remote cluster configured to use new Remote Cluster Security can read arbitrary documents from any index on the remote cluster, if they use the Elasticsearch custom transport protocol to issue requests with the target index ID, the shard ID and the document ID.

Remediation

Install updates from vendor's website.

External links

https://discuss.elastic.co/t/elasticsearch-8-13-0-security-update-esa-2024-07/356315

#VU91267 Improper Authorization in Elasticsearch - CVE-2024-23451

Description

Remediation

External links

Please verify you're human