| Vulnerability Name: | CVE-2021-22135 (CCN-201914) | ||||||||||||
| Assigned: | 2021-03-23 | ||||||||||||
| Published: | 2021-03-23 | ||||||||||||
| Updated: | 2021-09-07 | ||||||||||||
| Summary: | Elasticsearch versions before 7.11.2 and 6.8.15 contain a document disclosure flaw was found in the Elasticsearch suggester and profile API when Document and Field Level Security are enabled. The suggester and profile API are normally disabled for an index when document level security is enabled on the index. Certain queries are able to enable the profiler and suggester which could lead to disclosing the existence of documents and fields the attacker should not be able to view. | ||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) 4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
2.7 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
| ||||||||||||
| Vulnerability Type: | CWE-200 | ||||||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2021-22135 Source: CCN Type: Elasticsearch ESA-2021-06 Elasticsearch Suggester & Profile API information disclosure flaw Source: MISC Type: Vendor Advisory https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125 Source: XF Type: UNKNOWN elasticsearch-cve202122135-info-disc(201914) Source: CONFIRM Type: Third Party Advisory https://security.netapp.com/advisory/ntap-20210625-0003/ Source: CCN Type: IBM Security Bulletin 6493015 (Resilient OnPrem) IBM Security SOAR is using a version of Elasticsearch that has known vulnerabilities (CVE-2021-22137, CVE-2021-22135) Source: CCN Type: IBM Security Bulletin 6538158 (Cloud Private) Vulnerability in Elasticsearch affects IBM Cloud Private (CVE-2021-22135, CVE-2021-22137) | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||