Oval Definition:	oval:org.opensuse.security:def:20207009
Revision Date: 2022-05-22 Version: 1 Title: CVE-2020-7009 Description: Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2020-7009 SUSE CVE-2020-7009 Platform(s): SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis Release Information SUSE OpenStack Cloud 8 is installed OR SUSE OpenStack Cloud Crowbar 8 is installed AND elasticsearch is not affected Definition Synopsis Release Information SUSE OpenStack Cloud 9 is installed OR SUSE OpenStack Cloud Crowbar 9 is installed AND elasticsearch is not affected Definition Synopsis SUSE OpenStack Cloud 7 is installed AND elasticsearch is not affected
BACK