4.9

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-7021

GHSA ID

GHSA-cqgv-256r-m9r8

EPSS Score

0.60567%

CWE

CWE-532

Published

5/24/2022

Updated

1/27/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-7021

CVE-2020-7021:
Insertion of Sensitive Information into Log File in Elasticsearch

Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details.

(GitHub Advisory)

4.9

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-7021

GHSA ID

GHSA-cqgv-256r-m9r8

EPSS Score

0.60567%

CWE

CWE-532

Published

5/24/2022

Updated

1/27/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.elasticsearch:elasticsearch	maven	<= 6.8.13	6.8.14
org.elasticsearch:elasticsearch	maven	>= 7.0.0, <= 7.0.9	7.10.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability explicitly relates to audit logging with emit_request_body enabled. These functions are core components of Elasticsearch's audit logging system that would handle request body inclusion. The CWE-532 classification confirms this is a logging-sensitive-data issue. While exact code isn't available, Elasticsearch's architecture documentation and security advisories indicate these components manage request body logging. The patched versions likely added filtering in these functions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*l*sti*s**r** v*rsions ***or* *.**.* *n* *.*.** **v* *n in*orm*tion *is*losur* issu* w**n *u*it lo**in* *n* t** *mit_r*qu*st_*o*y option is *n**l**. T** *l*sti*s**r** *u*it lo* *oul* *ont*in s*nsitiv* in*orm*tion su** *s p*sswor* **s**s or *ut**nti**

Reasoning

T** vuln*r**ility *xpli*itly r*l*t*s to *u*it lo**in* wit* *mit_r*qu*st_*o*y *n**l**. T**s* *un*tions *r* *or* *ompon*nts o* *l*sti*s**r**'s *u*it lo**in* syst*m t**t woul* **n*l* r*qu*st *o*y in*lusion. T** *W*-*** *l*ssi*i**tion *on*irms t*is is *

4.9

Basic Information

Concerned about an active attack path?

CVE-2020-7021: Insertion of Sensitive Information into Log File in Elasticsearch

4.9

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2020-7021:
Insertion of Sensitive Information into Log File in Elasticsearch

Vulnerability Intelligence
Miggo AI