CVE-2018-17247 - XXE vulnerability in Elastic Elasticsearch 6.5.0/6.5.1
Attack vector | NETWORK |
Attack complexity | HIGH |
Privileges required | NONE |
Confidentiality impact | HIGH |
Integrity impact | NONE |
Availability impact | NONE |
Summary
Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's find_file_structure API. If a policy allowing external network access has been added to Elasticsearch's Java Security Manager then an attacker could send a specially crafted request capable of leaking content of local files on the Elasticsearch node. This could allow a user to access information that they should not have access to.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 2 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | CGI abuses |
NASL id | ELASTICSEARCH_ESA_2018_19.NASL |
description | Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's find_file_structure API. If a policy allowing external network access has been added to Elasticsearch's Java Security Manager then an attacker could send a specially crafted request capable of leaking content of local files on the Elasticsearch node. This could allow a user to access information that they should not have access to. Please note: by default Elasticsearch has the Java Security Manager enabled with policies which will cause this attack to fail. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 121249 |
published | 2019-01-18 |
reporter | This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/121249 |
title | Elasticsearch ESA-2018-19 |
References
- http://www.securityfocus.com/bid/106294
- https://discuss.elastic.co/t/elastic-stack-6-5-2-security-update/159594
- https://www.elastic.co/community/security