Elasticsearch up to 5.6.14/6.6.0 Document Level Security permission

Summaryinfo

A vulnerability was found in Elasticsearch up to 5.6.14/6.6.0. It has been rated as critical. This vulnerability affects unknown code of the component Document Level Security. This manipulation causes permission. This vulnerability appears as CVE-2019-7611. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is advised.

Detailsinfo

A vulnerability has been found in Elasticsearch up to 5.6.14/6.6.0 and classified as critical. Affected by this vulnerability is an unknown function of the component Document Level Security. The manipulation with an unknown input leads to a permission vulnerability. The CWE definition for the vulnerability is CWE-275. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

A permission issue was found in Elasticsearch versions before 5.6.15 and 6.6.1 when Field Level Security and Document Level Security are disabled and the _aliases, _shrink, or _split endpoints are used . If the elasticsearch.yml file has xpack.security.dls_fls.enabled set to false, certain permission checks are skipped when users perform one of the actions mentioned above, to make existing data available under a new index/alias name. This could result in an attacker gaining additional permissions against a restricted index.

The bug was discovered 03/26/2019. The weakness was presented 03/25/2019. This vulnerability is known as CVE-2019-7611 since 02/07/2019. The attack can be launched remotely. The exploitation doesn't need any form of authentication. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1222 according to MITRE ATT&CK.

Upgrading to version 5.6.15 or 6.6.1 eliminates this vulnerability.

Be aware that VulDB is the high quality source for vulnerability data.

Productinfo

Name

• Elasticsearch

Version

• 0.20.0
• 0.20.1
• 0.20.2
• 0.20.3
• 0.20.4
• 0.20.5
• 0.20.6
• 0.90.0
• 0.90.0.Beta1
• 0.90.0.RC1
• 0.90.0.RC2
• 0.90.1
• 0.90.2
• 0.90.3
• 0.90.4
• 0.90.5
• 0.90.6
• 0.90.7
• 0.90.8
• 0.90.9
• 0.90.10
• 0.90.11
• 0.90.12
• 0.90.13
• 1.0.0
• 1.0.0.Beta1
• 1.0.0.Beta2
• 1.0.0.RC1
• 1.0.0.RC2
• 1.1.0
• 1.1.1
• 1.1.2
• 1.2.0
• 1.2.1
• 1.2.2
• 1.2.3
• 1.3.0
• 1.3.1
• 1.3.2
• 1.3.3
• 1.3.4
• 1.3.5
• 1.3.6
• 1.3.7
• 1.3.8
• 1.3.9
• 1.4.0
• 1.4.0.Beta1
• 1.4.1
• 1.4.2
• 1.4.3
• 1.4.4
• 1.4.5
• 1.5.0
• 1.5.1
• 1.5.2
• 1.6.0
• 1.6.1
• 1.6.2
• 1.7.0
• 1.7.1
• 1.7.2
• 1.7.3
• 1.7.4
• 1.7.5
• 1.7.6
• 2.0.0
• 2.0.0-beta1
• 2.0.0-beta2
• 2.0.0-rc1
• 2.0.1
• 2.0.2
• 2.2.0
• 2.2.1
• 2.2.2
• 2.3.0
• 2.3.1
• 2.3.2
• 2.3.3
• 2.3.4
• 2.3.5
• 2.4.0
• 2.4.1
• 2.4.2
• 2.4.3
• 2.4.4
• 2.4.5
• 2.4.6
• 5.0.0
• 5.0.0-alpha1
• 5.0.0-alpha2
• 5.0.0-alpha3
• 5.0.0-alpha4
• 5.0.0-alpha5
• 5.0.0-rc1
• 5.0.1
• 5.0.2
• 5.1.0
• 5.1.1
• 5.1.2
• 5.2.0
• 5.2.1
• 5.2.2
• 5.3.0
• 5.3.1
• 5.3.2
• 5.4.0
• 5.5.0
• 5.5.1
• 5.5.2
• 5.5.3
• 5.6.0
• 5.6.1
• 5.6.2
• 5.6.3
• 5.6.4
• 5.6.5
• 5.6.6
• 5.6.7
• 5.6.8
• 5.6.9
• 5.6.10
• 5.6.11
• 5.6.12
• 5.6.13
• 5.6.14
• 5.6.15
• 5.6.16
• 6.0.0
• 6.0.0-alpha1
• 6.0.0-alpha2
• 6.0.0-beta1
• 6.0.0-rc1
• 6.0.0-rc2
• 6.1.0
• 6.1.1
• 6.1.2
• 6.1.3
• 6.2.0
• 6.2.1
• 6.2.2
• 6.2.3
• 6.2.4
• 6.3.0
• 6.3.1
• 6.3.2
• 6.4.1
• 6.4.3
• 6.5.0
• 6.5.1
• 6.5.2
• 6.5.3
• 6.5.4
• 6.6.0

License

• free

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Be aware that VulDB is the high quality source for vulnerability data.

Discussion