CVE-2020-7021

CVE-2020-7021

Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details.

Source: CVE-2020-7021

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다