CVE-2022-23708
published 2022-03-03CVE-2022-23708: A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the…
PriorityP421medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
EPSS
0.89%
54.8th percentile
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | elasticsearch | — | — |
| elastic | elasticsearch | >= 7.16.0 < 7.17.1 | 7.17.1 |
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
osv4.3MEDIUM
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Elasticsearch privilege escalation
osv·2022-03-04
CVE-2022-23708 [MEDIUM] Elasticsearch privilege escalation
Elasticsearch privilege escalation
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index. Users running a cluster on an affected version that had previously been upgraded from 6.x, should upgrade to 7.17.1. Users that are planning to upgrade from 6.x should not perform an upgrade from 6.x to versions 7.16 through 7.17.0 and should use 7.17.1+ for upgrades from 6.x.
GHSA
Elasticsearch privilege escalation
ghsa·2022-03-04
CVE-2022-23708 [MEDIUM] CWE-269 Elasticsearch privilege escalation
Elasticsearch privilege escalation
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index. Users running a cluster on an affected version that had previously been upgraded from 6.x, should upgrade to 7.17.1. Users that are planning to upgrade from 6.x should not perform an upgrade from 6.x to versions 7.16 through 7.17.0 and should use 7.17.1+ for upgrades from 6.x.
OSV
CVE-2022-23708: A flaw was discovered in Elasticsearch 7
osv·2022-03-03·CVSS 4.3
CVE-2022-23708 [MEDIUM] CVE-2022-23708: A flaw was discovered in Elasticsearch 7
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index.
Red Hat
elasticsearch: privilege escalation vulnerability (ESA-2022-02)
vendor_redhat·2022-02-28·CVSS 4.3
CVE-2022-23708 [MEDIUM] CWE-273 elasticsearch: privilege escalation vulnerability (ESA-2022-02)
elasticsearch: privilege escalation vulnerability (ESA-2022-02)
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index.
A flaw was found in the upgrade assistant for Elasticsearch. When upgrading from version 6.x to 7.x, the built-in protections on the security index are disabled, allowing authenticated users to access the index.
Package: openshift-logging/elasticsearch6-rhel8 (Logging Subsystem for Red Hat OpenShift) - Will not fix
Package: servicemesh-grafana (OpenShift Service Mesh 2.0) - Affected
Package: servicemesh-grafana (OpenShift Service Mesh 2.1) - Will not fix
Package: elasticsearc
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-03-03
Published