Elastic Elasticsearch Security < 5.6.15 / 6.x < 6.6.1 Permission Issue (ESA-2019-04)
Information
Severity
Family
CVSSv2 Base
CVSSv2 Vector
Solution Type
Created
Modified
Summary
Elasticsearch Security is prone to a permission issue.
Insight
A permission issue was found in Elasticsearch when Field Level Security and Document Level Security are disabled and the _aliases, _shrink, or _split endpoints are used. If the elasticsearch.yml file has xpack.security.dls_fls.enabled set to false, certain permission checks are skipped when users perform one of the actions mentioned above to make existing data available under a new index or alias name.
Affected Software
Elasticsearch Security versions before 5.6.15 and 6.6.1.
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Update to version 5.6.15, 6.6.1 or later. Users unable to update can change the xpack.security.dls_fls.enabled setting to true in their elasticsearch.yml file. The default setting for this option is true.
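The detection method and the solution above combine into a single local check: a host is exposed only when it runs an affected version and has xpack.security.dls_fls.enabled set to false. The following Python is an added example, not Mageni's NVT code; it assumes elasticsearch.yml uses the flat dotted-key form and that the version string starts with MAJOR.MINOR.PATCH.

```python
"""Check an Elasticsearch node against ESA-2019-04: permission checks are
skipped when xpack.security.dls_fls.enabled is false on an unpatched version."""
from __future__ import annotations
import re

FIXED_5X = (5, 6, 15)
FIXED_6X = (6, 6, 1)
KEY = "xpack.security.dls_fls.enabled"

def parse_version(version: str) -> tuple[int, int, int]:
    """Parse 'MAJOR.MINOR.PATCH'; a suffix such as -beta1 is ignored."""
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised Elasticsearch version: {version!r}")
    return tuple(int(x) for x in m.groups())

def version_is_affected(version: str) -> bool:
    """True for the ranges in the advisory: before 5.6.15, or 6.x before 6.6.1."""
    v = parse_version(version)
    return v < FIXED_5X or (v[0] == 6 and v < FIXED_6X)

def dls_fls_enabled(elasticsearch_yml: str) -> bool:
    """Read the setting from elasticsearch.yml text. Assumes the flat dotted-key
    form (assumption); when absent the default applies, which is true."""
    for line in elasticsearch_yml.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and whitespace
        key, sep, value = line.partition(":")
        if sep and key.strip() == KEY:
            return value.strip().strip("\"'").lower() not in ("false", "no", "off")
    return True

def is_exposed(version: str, elasticsearch_yml: str) -> bool:
    """Exposed only when both hold: unpatched version AND DLS/FLS switched off."""
    return version_is_affected(version) and not dls_fls_enabled(elasticsearch_yml)

# Constructed sample configs, not taken from any real deployment.
SAMPLE_WEAK_YML = """\
cluster.name: demo
xpack.security.enabled: true
xpack.security.dls_fls.enabled: false   # skips checks on _aliases/_shrink/_split
"""
SAMPLE_FIXED_YML = SAMPLE_WEAK_YML.replace("dls_fls.enabled: false", "dls_fls.enabled: true")

if __name__ == "__main__":
    for ver in ("5.6.14", "5.6.15", "6.6.0", "6.6.1", "7.0.0"):
        print(ver, "exposed" if is_exposed(ver, SAMPLE_WEAK_YML) else "not exposed")
```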