Miggo Logo

CVE-2020-7019: Improper privilege management in elasticsearch

6.5

CVSS Score
3.1

Basic Information

EPSS Score
0.34334%
Published
5/24/2022
Updated
7/2/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.elasticsearch:elasticsearchmaven>= 7.0.0, < 7.9.07.9.0
org.elasticsearch:elasticsearchmaven< 6.8.126.8.12

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The provided vulnerability description and references indicate a flaw in how scroll contexts interact with Field Level Security (FLS) checks, but no specific code snippets, commit diffs, or function names are disclosed in the available resources. The vulnerability stems from improper re-use of cached scroll contexts across users with different privileges, but without access to Elasticsearch's internal implementation details (e.g., ScrollService, SecurityFilter, or SearchService logic), we cannot confidently map this to specific functions. High-confidence identification requires direct evidence from code changes or patch details, which are not provided in the advisory materials.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In *l*sti*s**r** ***or* *.*.* *n* *.*.** * *i*l* *is*losur* *l*w w*s *oun* w**n runnin* * s*rollin* s**r** wit* *i*l* L*v*l S**urity. I* * us*r runs t** s*m* qu*ry *not**r mor* privil**** us*r r***ntly r*n, t** s*rollin* s**r** **n l**k *i*l*s t**t s

Reasoning

T** provi*** vuln*r**ility **s*ription *n* r***r*n**s in*i**t* * *l*w in *ow s*roll *ont*xts int*r**t wit* *i*l* L*v*l S**urity (*LS) ****ks, *ut no sp**i*i* *o** snipp*ts, *ommit *i**s, or *un*tion n*m*s *r* *is*los** in t** *v*il**l* r*sour**s. T**