CVE-2025-37727
published 2025-10-10 · CVE-2025-37727: Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the…
Priority P428 · medium · 5.7 (CVSS 3.1)
AV:A / AC:L / PR:L / UI:N / S:U / C:H / I:N / A:N
EPSS: 0.22% (13.1th percentile)
Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | elasticsearch | 7.0.0 – 7.17.29 | — |
| elastic | elasticsearch | >= 8.0.0 < 8.18.8 | 8.18.8 |
| elastic | elasticsearch | 8.0.0 – 8.18.7 | — |
| elastic | elasticsearch | >= 8.19.0 < 8.19.5 | 8.19.5 |
| elastic | elasticsearch | 8.19.0 – 8.19.4 | — |
| elastic | elasticsearch | >= 9.0.0 < 9.0.8 | 9.0.8 |
| elastic | elasticsearch | 9.0.0 – 9.0.7 | — |
| elastic | elasticsearch | >= 9.1.0 < 9.1.5 | 9.1.5 |
| elastic | elasticsearch | 9.1.0 – 9.1.4 | — |
| msrc | azl3_rubygem-elasticsearch_8.9.0-1_on_azure_linux_3.0 | — | — |
| msrc | cbl2_rubygem-elasticsearch_8.3.0-1_on_cbl_mariner_2.0 | — | — |
CVSS provenance

| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 5.7 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| osv | 5.7 | MEDIUM | — |
| vendor_msrc | 5.7 | MEDIUM | — |
| vendor_redhat | 5.7 | MEDIUM | — |
OSV
Elasticsearch: Insertion of Sensitive Information into Log File via reindex API
osv · 2025-10-10
CVE-2025-37727 [MEDIUM] Elasticsearch: Insertion of Sensitive Information into Log File via reindex API
Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex
GHSA
Elasticsearch: Insertion of Sensitive Information into Log File via reindex API
ghsa · 2025-10-10
CVE-2025-37727 [MEDIUM] CWE-532 Elasticsearch: Insertion of Sensitive Information into Log File via reindex API
Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex
OSV
CVE-2025-37727: Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing request
osv · 2025-10-10 · CVSS 5.7
CVE-2025-37727 [MEDIUM] CVE-2025-37727: Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing request
Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex
Microsoft
Elasticsearch Insertion of sensitive information in log file
vendor_msrc · 2025-10-14 · CVSS 5.7
CVE-2025-37727 [MEDIUM] CWE-532 Elasticsearch Insertion of sensitive information in log file
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
elastic: elastic
Customer Action Required: Yes
Red Hat
org.elasticsearch/elasticsearch-core: Elasticsearch Insertion of sensitive information in log file
vendor_redhat · 2025-10-10 · CVSS 5.7
CVE-2025-37727 [MEDIUM] CWE-532 org.elasticsearch/elasticsearch-core: Elasticsearch Insertion of sensitive information in log file
Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex
A lack of log sanitization has been discovered in Elasticsearch. This issue arises under specific preconditions when auditing requests to the reindex API. Users of affected versions should inspect their logs if they are concerned about confidentiality loss.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, appli
No detection rules found.
No public exploits indexed.
Published: 2025-10-10