| Revision Date: | 2022-05-22 | Version: | 1 |
| Title: | CVE-2021-22145 |
| Description: |
A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details.
|
| Family: | unix | Class: | vulnerability |
| Status: | | Reference(s): | Mitre CVE-2021-22145
SUSE CVE-2021-22145
|
| Platform(s): | SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
| Product(s): | |
| Definition Synopsis |
| Release Information SUSE OpenStack Cloud 8 is installed
OR SUSE OpenStack Cloud Crowbar 8 is installed
AND elasticsearch is not affected
|
| Definition Synopsis |
| SUSE OpenStack Cloud 7 is installed
AND elasticsearch is not affected
|
| Definition Synopsis |
| Release Information
SUSE OpenStack Cloud 9 is installed
OR SUSE OpenStack Cloud Crowbar 9 is installed
AND elasticsearch is not affected
|