Oval Definition:
oval:org.opensuse.security:def:202223708
Revision Date
:
2022-05-22
Version
:
1
Title
:
CVE-2022-23708
Description
:
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “*” index permissions access to this index.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
Mitre CVE-2022-23708
SUSE CVE-2022-23708
Platform(s)
:
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s)
:
Definition Synopsis
Release Information
SUSE OpenStack Cloud 8 is installed
OR
SUSE OpenStack Cloud Crowbar 8 is installed
AND
elasticsearch is not affected
Definition Synopsis
Release Information
SUSE OpenStack Cloud 9 is installed
OR
SUSE OpenStack Cloud Crowbar 9 is installed
AND
elasticsearch is not affected
BACK