Elastic Cloud Enterprise vulnerabilities

CVE-2025-37736 [HIGH] CWE-863 CVE-2025-37736: Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the built- Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the built-in readonly user can call APIs that should not be allowed. The list of APIs that are affected by this issue is: post:/platform/configuration/security/service-accounts delete:/platform/configuration/security/service-accounts/{user_id} patch:/platform/c

CVE-2025-37729 [HIGH] CWE-1336 CVE-2025-37729: Improper neutralization of special elements used in a template engine in Elastic Cloud Enterprise (E Improper neutralization of special elements used in a template engine in Elastic Cloud Enterprise (ECE) can lead to a malicious actor with Admin access exfiltrating sensitive information and issuing commands via a specially crafted string where Jinjava variables are evaluated.

CVE-2024-37282 [CRITICAL] CWE-285 CVE-2024-37282: It was identified that under certain specific preconditions, an API key that was originally created It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated privileges.

CVE-2023-31418 [HIGH] CWE-400 CVE-2023-31418: An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it

CVE-2022-23716 [MEDIUM] CWE-532 CVE-2022-23716: A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing priv A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.

CVE-2022-23715 [MEDIUM] CWE-532 CVE-2022-23715: A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{r

CVE-2018-3828 [HIGH] CWE-532 CVE-2018-3828: Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security sensitive headers being leaked to the allocator logs. An attacker with access to the logging cluster may obtain leaked credentials and per

CVE-2018-3825 [MEDIUM] CWE-321 CVE-2018-3825: In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default master encryption key is used in In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default master encryption key is used in the process of granting ZooKeeper access to Elasticsearch clusters. Unless explicitly overwritten, this master key is predictable across all ECE deployments. If an attacker can connect to ZooKeeper directly they would be able to access configuration in

CVE-2018-3829 [MEDIUM] CWE-285 CVE-2018-3829: In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could scale In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could scale out allocators on new hosts with an invalid roles token. An attacker with access to the previous runner ID and IP address of the coordinator-host could add a allocator to an existing ECE install to gain access to other clusters data.

CVE-2017-8444 [MEDIUM] CWE-319 CVE-2017-8444: The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt tra The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt traffic to ZooKeeper. If an attacker is able to man in the middle (MITM) the traffic between the client-forwarder and ZooKeeper they could potentially obtain sensitive data.