Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Elastic — Vulnerabilities & Security Advisories 222

Browse all 222 CVE security advisories affecting Elastic. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products Elastic:KibanaElasticsearchLogstashPacketbeatElastic X-Pack SecurityElastic Cloud EnterpriseAPM ServerElastic AgentX-Pack SecurityBeatsElastic Cloud Enterprise (ECE)Elastic Enterprise SearchElastic DefendMetricbeatFleet ServerFilebeatElastic Endpoint SecurityElastic Cloud on KubernetesElastic App SearchElasticsearch X-Pack Machine LearningElasticsearch X-Pack SecurityElastic Agent and Elastic DefendKibana X-Pack SecurityElastic X-Pack ReportingElastic Network Drive ConnectorElastic X-Pack AlertingEnterprise SearchElasticsearch-HadoopElastic Sharepoint Online Python ConnectorElastic APM Java Agent
CVE IDTitleCVSSSeverityPaused
CVE-2024-23447 Elastic Network Drive Connector Improper Access Control — Elastic Network Drive ConnectorCWE-284 5.3 Medium2024-02-07
CVE-2024-23446 Kibana Broken Access Control issue — KibanaCWE-284 6.5 Medium2024-02-07
CVE-2023-46675 Kibana Insertion of Sensitive Information into Log File — KibanaCWE-532 8.0 High2023-12-13
CVE-2023-46671 Kibana Insertion of Sensitive Information into Log File — KibanaCWE-532 8.0 High2023-12-13
CVE-2023-6687 Elastic Agent Insertion of Sensitive Information into Log File — Elastic AgentCWE-532 6.8 Medium2023-12-12
CVE-2023-49922 Beats Insertion of Sensitive Information into Log File — BeatsCWE-532 6.8 Medium2023-12-12
CVE-2023-49923 Enterprise Search Insertion of Sensitive Information into Log File — Enterprise SearchCWE-532 6.8 Medium2023-12-12
CVE-2023-46674 Elasticsearch-hadoop Unsafe Deserialization — Elasticsearch-HadoopCWE-502 6.0 Medium2023-12-05
CVE-2023-46673 Elasticsearch 安全漏洞 — ElasticsearchCWE-755 6.5 Medium2023-11-22
CVE-2021-37937 Elasticsearch privilege escalation — ElasticsearchCWE-269 5.9 Medium2023-11-22
CVE-2021-37942 APM Java Agent Local Privilege Escalation — Elastic APM Java AgentCWE-269 7.0 High2023-11-22
CVE-2021-22143 Elastic APM .NET Agent information disclosure — Elastic APM .NET AgentCWE-200 2.1 Low2023-11-22
CVE-2021-22142 Kibana Reporting vulnerabilities — KibanaCWE-1104 6.6 Medium2023-11-22
CVE-2021-22151 Kibana path traversal issue — KibanaCWE-22 3.1 Low2023-11-22
CVE-2021-22150 Kibana code execution issue — KibanaCWE-94 6.6 Medium2023-11-22
CVE-2023-46672 Logstash Insertion of Sensitive Information into Log File — LogstashCWE-532 8.4 High2023-11-15
CVE-2023-31416 Elastic Cloud on Kubernetes (ECK) secret token configuration issue — Elastic Cloud on KubernetesCWE-200 5.3 Medium2023-10-26
CVE-2023-31417 Elasticsearch Insertion of sensitive information in audit logs — ElasticsearchCWE-532 4.1 Medium2023-10-26
CVE-2023-31418 Elasticsearch uncontrolled resource consumption — ElasticsearchCWE-400 7.5 High2023-10-26
CVE-2023-31419 Elasticsearch StackOverflow vulnerability — ElasticsearchCWE-121 6.5 Medium2023-10-26
CVE-2023-46666 Elastic Sharepoint Online Python Connector Improper Access Control — Elastic Sharepoint Online Python ConnectorCWE-284 5.3 Medium2023-10-26
CVE-2023-31421 Beats, Elastic Agent, APM Server, and Fleet Server Improper Certificate Validation issue — BeatsCWE-295 5.9 Medium2023-10-26
CVE-2023-31422 Kibana Insertion of Sensitive Information into Log File — KibanaCWE-532 9.0 Critical2023-10-26
CVE-2023-46667 Fleet Server Insertion of Sensitive Information into Log File — Fleet ServerCWE-532 8.1 High2023-10-26
CVE-2023-46668 Elastic Endpoint Insertion of Sensitive Information into Log File — EndpointCWE-532 4.6 Medium2023-10-25
CVE-2023-31415 Elastic Kibana 代码注入漏洞 — KibanaCWE-94 9.9 -2023-05-04
CVE-2023-31414 Elastic Kibana 代码注入漏洞 — KibanaCWE-94 9.1 -2023-05-04
CVE-2023-31413 Elastic Filebeat 日志信息泄露漏洞 — FilebeatCWE-200 7.5 -2023-05-04
CVE-2022-38779 Elastic Kibana 输入验证错误漏洞 — kibanaCWE-601 6.1 -2023-02-21
CVE-2022-38777 Elastic Endpoint Security 安全漏洞 — Elastic Endpoint SecurityCWE-269 7.8 -2023-02-08

This page lists every published CVE security advisory associated with Elastic. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.