cbcvebase.
CVE-2020-7009
published 2020-06-03

CVE-2020-7009: The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an…

PriorityP349high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.60%
72.8th percentile
The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges.

Affected

7 ranges
VendorProductVersion rangeFixed in
elasticelasticsearch
elasticelasticsearch>= 6.7.0 < 6.8.86.8.8
elasticelasticsearch6.7.0 – 6.8.7
elasticelasticsearch>= 7.0.0 < 7.6.27.6.2
elasticelasticsearch7.0.0 – 7.6.1
github.comory_fosite>= 0 < 0.34.00.34.0
msrccm1_rubygem-elasticsearch_8.2.0-1_on_cbl_mariner_1.0

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
ghsa8.8HIGH
osv8.8HIGH
vendor_msrc8.8HIGH
vendor_oracle8.8HIGH
vendor_redhat8.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.