Description
Elasticsearch is a highly scalable open-source full-text search and analytics engine. It allows you to store, search, and analyze big volumes of data quickly and in near real time. It is generally used as the underlying engine/technology that powers applications that have complex search features and requirements.
Acunetix discovered that it is possible to access the Elasticsearch service. This service should not be accessible on a production website, as it may give an attacker access to sensitive information about the affected system. Elasticsearch has no access roles or authentication mechanism, which means that anyone who can connect to the cluster has full control over it.
Remediation
Disable external access to the Elasticsearch service.
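As an added example (not part of the Acunetix page), the POSIX shell script below classifies whether an elasticsearch.yml binds the HTTP port to loopback only or to an external address, and prints the hardened fragment an operator would apply; the `network.host` special value `_local_` and `xpack.security.enabled` are real Elasticsearch settings, while the sample configs and the temporary file paths are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not Acunetix's or Elastic's code.
# Audit an elasticsearch.yml for an externally reachable HTTP binding and
# show the hardened settings. Sample configs below are constructed inline.

# Classify the effective network.host of a config file ($1).
# Prints "local" when the node listens on loopback only, "exposed" otherwise.
es_binding() {
  # last uncommented network.host line wins; strip value quotes, comments, spaces
  host=$(grep -E '^[[:space:]]*network\.host[[:space:]]*:' "$1" \
        | tail -n 1 \
        | sed -e 's/^[^:]*:[[:space:]]*//' -e 's/[[:space:]]*#.*$//' \
              -e "s/[\"']//g" -e 's/[[:space:]]*$//')
  case "$host" in
    ""|127.0.0.1|localhost|_local_|::1) echo local ;;   # unset defaults to loopback
    *) echo exposed ;;
  esac
}

# Hardened fragment: bind to loopback (or an internal interface) and keep the
# built-in security features on so a reachable port still requires credentials.
hardened_fragment() {
  cat <<'EOF'
network.host: _local_
http.port: 9200
xpack.security.enabled: true
EOF
}

# Post-fix verification, to be run from a host outside the cluster network:
# "reachable" means the HTTP port ($1 = hostname or IP) is still exposed.
es_reachable() {
  if curl -s --max-time 5 -o /dev/null "http://$1:9200/"; then
    echo reachable
  else
    echo unreachable
  fi
}

# Constructed sample configs (placeholder temp files) for demonstration.
weak=$(mktemp);  printf 'cluster.name: prod\nnetwork.host: 0.0.0.0\n' > "$weak"
fixed=$(mktemp); hardened_fragment > "$fixed"
echo "weak config : $(es_binding "$weak")"    # exposed
echo "fixed config: $(es_binding "$fixed")"   # local
rm -f "$weak" "$fixed"
```

After changing `network.host`, restart the node and confirm with `es_reachable <public-address>` from outside the trusted network that the port no longer answers.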