Vulnerabilities > Elastic > Elastic Cloud Enterprise > 2.1.1

DATE CVE VULNERABILITY TITLE RISK
2023-10-26 CVE-2023-31418 Resource Exhaustion vulnerability in Elastic Elasticsearch
An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer.
network
low complexity
elastic CWE-400
7.5
7.5
2022-09-28 CVE-2022-23716 Information Exposure Through Log Files vulnerability in Elastic Cloud Enterprise
A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.
network
low complexity
elastic CWE-532
5.3
5.3
2022-08-25 CVE-2022-23715 Information Exposure Through Log Files vulnerability in Elastic Cloud Enterprise
A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster.
network
low complexity
elastic CWE-532
6.5
6.5