Vulnerabilities > Elastic > Elasticsearch > 6.2.3

DATE CVE VULNERABILITY TITLE RISK
2018-09-19 CVE-2018-3831 Information Exposure vulnerability in Elastic Elasticsearch
Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API.
network
low complexity
elastic CWE-200
8.8
2018-09-19 CVE-2018-3826 Missing Encryption of Sensitive Data vulnerability in Elastic Elasticsearch
In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API.
network
low complexity
elastic CWE-311
6.5