First published: Wed Sep 19 2018(Updated: )
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default master encryption key is used in the process of granting ZooKeeper access to Elasticsearch clusters. Unless explicitly overwritten, this master key is predictable across all ECE deployments. If an attacker can connect to ZooKeeper directly they would be able to access configuration information of other tenants if their cluster ID is known.
Credit: bressers@elastic.co
Affected Software | Affected Version | How to fix |
---|---|---|
Elastic Elastic Cloud Enterprise | <1.1.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-3825 is a vulnerability in Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 where a default master encryption key is used in granting ZooKeeper access to Elasticsearch clusters.
CVE-2018-3825 affects Elastic Cloud Enterprise (ECE) versions prior to 1.1.4, allowing an attacker to connect to ZooKeeper and potentially gain unauthorized access to Elasticsearch clusters.
CVE-2018-3825 has a severity rating of medium with a CVSS score of 5.9.
To fix CVE-2018-3825, it is recommended to update Elastic Cloud Enterprise to version 1.1.4 or later.
More information about CVE-2018-3825 can be found on the Elastic discussion forum and the Elastic community security page.