CVE-2018-3831: Infoleak
First published: Tue Sep 18 2018(Updated: )
Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details.
Credit: bressers@elastic.co
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/elasticsearch | <6.4.1 | 6.4.1 |
| redhat/elasticsearch | <5.6.12 | 5.6.12 |
| Elastic Elasticsearch | >=5.6.0<5.6.12 | |
| Elastic Elasticsearch | >=6.0.0<6.4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035
- https://www.elastic.co/community/security
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1632454
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1632971
- https://docs.search-guard.com/latest/index
- https://access.redhat.com/support/policy/updates/jboss_notes
- https://access.redhat.com/errata/RHSA-2020:3192
- https://access.redhat.com/security/cve/cve-2018-3831
- https://bugzilla.redhat.com/show_bug.cgi?id=1632452
- https://www.cve.org/CVERecord?id=CVE-2018-3831 https://nvd.nist.gov/vuln/detail/CVE-2018-3831
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2018-3831.
What is the title of the vulnerability?
The title of the vulnerability is 'Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue.'
What is the severity of CVE-2018-3831?
The severity of CVE-2018-3831 is high with a CVSS score of 8.8.
What software versions are affected by CVE-2018-3831?
Elasticsearch versions before 6.4.1 or 5.6.12 are affected by CVE-2018-3831.
How can CVE-2018-3831 be fixed?
To fix CVE-2018-3831, upgrade Elasticsearch to version 6.4.1 or 5.6.12 depending on the affected version.
- collector/redhat-cve
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/severity
- agent/references
- agent/weakness
- agent/author
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2018-3831
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/description
- agent/tags
- agent/trending
- vendor/elastic
- canonical/elastic elasticsearch
- version/elastic elasticsearch/5.6.0
- version/elastic elasticsearch/6.0.0
- package-manager/redhat