CVE-2020-7009: Improper Privilege Management in Elasticsearch

CVSS Score: 8.8 (CVSS 3.1)

Basic Information

EPSS Score: 0.87911%
Published: 5/24/2022
Updated: 1/27/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| org.elasticsearch:elasticsearch | maven | >= 6.7.0, <= 6.8.7 | 6.8.8 |
| org.elasticsearch:elasticsearch | maven | >= 7.0.0, <= 7.6.1 | 7.6.2 |

Vulnerability Intelligence
Root Cause Analysis

The vulnerability centers around improper privilege management during API key creation. Elasticsearch's API key generation logic (handled by `ApiKeyService`) is the primary suspect, as the advisory explicitly states the flaw occurs when attackers create API keys. The mitigation involves disabling API keys entirely, further implicating this component. While no direct code diffs are provided, the combination of the vulnerability description, CWE mapping to privilege assignment flaws, and standard Elasticsearch security architecture strongly points to the `createApiKey` method as the vulnerable entry point.

WAF Protection Rules

WAF Rule

Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being