CVE-2021-22146 – All versions of Elastic Cloud Enterprise has the Elasticsearch â€œanonymo …

21 July 2021

Vuln ID: CVE-2021-22146

Published: 2021-07-21 15:15:14Z

Description: All versions of Elastic Cloud Enterprise has the Elasticsearch â€œanonymousâ€� user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could leverage the anonymous user to gain insight into certain details of a deployed cluster.

Source: NVD.NIST.GOV

Date:

21 July 2021

Categorie(s):

NVD

Tag(s):

NVD

Pakistani APT Hackers Attacking Indian Govt Entities With Weaponized Shortcut Files25 April 2024
High Performance Podcast Duo to Unveil Secrets of Success at Infosecurity Europe 202425 April 2024
BforeAI raises $15 million to prevent attacks before they occur25 April 2024
Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny25 April 2024
Lurie Children’s Hospital of Chicago: Ransomware Attack Timeline25 April 2024