Miggo Logo

CVE-2024-23445: Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions

6.5

CVSS Score
3.1

Basic Information

EPSS Score
0.39984%
Published
6/12/2024
Updated
10/31/2024
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.elasticsearch:elasticsearchmaven> 8.10.0, < 8.14.08.14.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

It w*s i**nti*i** t**t i* * *ross-*lust*r *PI k*y *ttps://www.*l*sti*.*o/*ui**/*n/*l*sti*s**r**/r***r*n**/*.**/s**urity-*pi-*r**t*-*ross-*lust*r-*pi-k*y.*tml#s**urity-*pi-*r**t*-*ross-*lust*r-*pi-k*y-r*qu*st-*o*y r*stri*ts s**r** *or * *iv*n in**x us

Reasoning

No *n*lysis *v*il**l*