
CVE-2019-7611: Improper Access Control in Elasticsearch

CVSS Score: 8.1 (CVSS 3.1)

Basic Information

EPSS Score: 0.36231%
Published: 5/13/2022
Updated: 1/27/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| org.elasticsearch:elasticsearch | maven | < 5.6.15 | 5.6.15 |
| org.elasticsearch:elasticsearch | maven | >= 6.0.0, < 6.6.1 | 6.6.1 |

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability occurs in security checks for alias/shrink/split operations when DLS/FLS is disabled. The SecurityFilter class handles alias actions while AuthorizationService manages resize operations. Both would contain conditional logic that skips critical permission checks when xpack.security.dls_fls.enabled=false, matching the described vulnerability pattern. These components directly correspond to the affected endpoints (_aliases, _shrink, _split) mentioned in the advisory.
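The exposure condition described above (a vulnerable release combined with xpack.security.dls_fls.enabled=false) can be checked against a node's version and its elasticsearch.yml. The following is an added example, not code from Miggo or Elastic; the function names and sample configs are constructed, and it assumes the setting defaults to true when absent.

```python
import re

FIXED_5X = (5, 6, 15)   # first patched 5.x release, from the table on this page
FIXED_6X = (6, 6, 1)    # first patched 6.x release, from the table on this page
SETTING = "xpack.security.dls_fls.enabled"

def parse_version(text):
    """Turn '6.5.4' or '6.5.4-SNAPSHOT' into a comparable tuple."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p) for p in m.groups())

def version_is_vulnerable(version):
    v = parse_version(version)
    return v < FIXED_5X or (6, 0, 0) <= v < FIXED_6X

def flatten_settings(yml_text):
    """Flatten simple elasticsearch.yml content to dotted keys.
    Handles flat dotted keys and nested scalar mappings; lists are ignored."""
    settings, stack = {}, []   # stack: (indent, key) of open parent mappings
    for raw in yml_text.splitlines():
        line = raw.split(" #")[0].rstrip()          # drop inline comments
        if not line.strip() or line.lstrip().startswith(("#", "-")):
            continue
        indent = len(line) - len(line.lstrip())
        key, sep, value = line.strip().partition(":")
        if not sep:
            continue
        while stack and stack[-1][0] >= indent:     # close finished mappings
            stack.pop()
        value = value.strip().strip("'\"")
        if value:
            settings[".".join([k for _, k in stack] + [key.strip()])] = value
        else:
            stack.append((indent, key.strip()))
    return settings

def is_exposed(version, yml_text):
    """True when a vulnerable release runs with DLS/FLS explicitly disabled."""
    value = flatten_settings(yml_text).get(SETTING, "true").lower()  # assumed default
    return version_is_vulnerable(version) and value == "false"

# Constructed sample configs: the same setting in flat and nested form.
FLAT = "cluster.name: prod\nxpack.security.dls_fls.enabled: false  # legacy\n"
NESTED = "xpack:\n  security:\n    enabled: true\n    dls_fls:\n      enabled: false\n"

if __name__ == "__main__":
    for ver, cfg in [("6.5.4", FLAT), ("5.6.14", NESTED), ("6.6.1", FLAT)]:
        print(ver, "exposed" if is_exposed(ver, cfg) else "not exposed")
```

A node flagged here should be upgraded to 5.6.15 or 6.6.1 or later, as listed in the table above.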


WAF Protection Rules

WAF Rule

A permission issue was found in Elasticsearch versions before 5.6.15 and 6.6.1 when Field Level Security and Document Level Security are disabled and the _aliases, _shrink, or _split endpoints are used. If the elasticsearch.yml file has xpack.securi
