Miggo Logo
Miggo Vulnerability Database
CVE-2020-7019

CVE-2020-7019: Improper privilege management in elasticsearch

6.5

CVSS Score
3.1

Basic Information

CVE ID
CVE-2020-7019
GHSA ID
GHSA-c77j-p484-h84m
EPSS Score
0.34334%
CWE
CWE-269
Published
5/24/2022
Updated
7/2/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.elasticsearch:elasticsearchmaven>= 7.0.0, < 7.9.07.9.0
org.elasticsearch:elasticsearchmaven< 6.8.126.8.12

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The provided vulnerability description and references indicate a flaw in how scroll contexts interact with Field Level Security (FLS) checks, but no specific code snippets, commit diffs, or function names are disclosed in the available resources. The vulnerability stems from improper re-use of cached scroll contexts across users with different privileges, but without access to Elasticsearch's internal implementation details (e.g., ScrollService, SecurityFilter, or SearchService logic), we cannot confidently map this to specific functions. High-confidence identification requires direct evidence from code changes or patch details, which are not provided in the advisory materials.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In *l*sti*s**r** ***or* *.*.* *n* *.*.** * *i*l* *is*losur* *l*w w*s *oun* w**n runnin* * s*rollin* s**r** wit* *i*l* L*v*l S**urity. I* * us*r runs t** s*m* qu*ry *not**r mor* privil**** us*r r***ntly r*n, t** s*rollin* s**r** **n l**k *i*l*s t**t s

Reasoning

T** provi*** vuln*r**ility **s*ription *n* r***r*n**s in*i**t* * *l*w in *ow s*roll *ont*xts int*r**t wit* *i*l* L*v*l S**urity (*LS) ****ks, *ut no sp**i*i* *o** snipp*ts, *ommit *i**s, or *un*tion n*m*s *r* *is*los** in t** *v*il**l* r*sour**s. T**