Elastic 漏洞

时间轴

类型

Not Defined	41
Cloud Software	6
Programming Language Software	3
Ruby Gem	1

产品

Elastic Kibana	11
Elastic Elasticsearch	5
Elastic Cloud Enterprise	5
Elastic Endpoint Security	4
Elastic Enterprise Search	3

修正

Official Fix	38
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	13

易受攻击性

High	0
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	51

访问向量

Not Defined	0
Physical	0
Local	5
Adjacent	21
Network	25

身份验证

Not Defined	0
High	6
Low	39
None	6

用户交互

Not Defined	0
Required	3
None	48

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	4
≤4	2
≤5	4
≤6	20
≤7	11
≤8	5
≤9	5
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	4
≤4	2
≤5	5
≤6	20
≤7	10
≤8	5
≤9	5
≤10	0

VulDB

≤1	0
≤2	0
≤3	7
≤4	14
≤5	12
≤6	8
≤7	3
≤8	2
≤9	5
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	1
≤5	3
≤6	4
≤7	10
≤8	15
≤9	6
≤10	1

CNA

≤1	0
≤2	0
≤3	1
≤4	1
≤5	1
≤6	7
≤7	9
≤8	3
≤9	3
≤10	0

供应商

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	1
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

零日攻击

<1k	18
<2k	26
<5k	7
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

本日攻击

<1k	43
<2k	8
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

攻击市场容量

🔴 CTI 活动

Affected Products (24): APM .NET Agent (1), APM Agent (1), APM Java Agent (2), APM Server (2), Agent (2), Beats (2), Cloud (1), Cloud Enterprise (5), Code (2), Elasticsearch (5), Endgame (1), Endpoint (1), Endpoint Security (4), Enterprise Search (3), Enterprise Search App (2), Filebeat (1), Fleet Server (2), Hadoop (1), Kibana (11), Logstash (1), Network Drive Connector (1), Sharepoint Online Python Connector (1), Stack (1), X-Pack Security (2)

已发布	Base	Temp	漏洞	Prod	易	修正	EPSS	CTI	CVE
2024-02-08	5.6	5.5	Elastic APM Server Error 信息公开	未知	Not Defined	Official Fix	0.00087	0.03	CVE-2024-23448
2024-02-07	5.4	5.3	Elastic Kibana Detection Engine Search API .alerts-security.alerts-{space_id} 权限升级	未知	Not Defined	Official Fix	0.00049	0.05	CVE-2024-23446
2024-02-07	5.0	4.9	Elastic Network Drive Connector 权限升级	未知	Not Defined	Official Fix	0.00049	0.02	CVE-2024-23447
2023-12-13	5.7	5.7	Elastic Kibana 信息公开	未知	Not Defined	Official Fix	0.00049	0.05	CVE-2023-46675
2023-12-13	2.6	2.5	Elastic Elasticsearch Watcher Search 信息公开	未知	Not Defined	Official Fix	0.00000	0.03	CVE-2023-49921
2023-12-12	5.6	5.6	Elastic Enterprise Search Documents API 信息公开	未知	Not Defined	Official Fix	0.00049	0.00	CVE-2023-49923
2023-12-12	5.6	5.6	Elastic Agent HTTP Status Code 信息公开	未知	Not Defined	Official Fix	0.00049	0.05	CVE-2023-6687
2023-12-12	5.6	5.6	Elastic Beats HTTP Status Code 信息公开	未知	Not Defined	Official Fix	0.00049	0.03	CVE-2023-49922
2023-12-05	5.9	5.9	Elastic Hadoop 权限升级	未知	Not Defined	Official Fix	0.00045	0.06	CVE-2023-46674
2023-11-24	5.3	5.2	Elastic Kibana Error 信息公开	未知	Not Defined	Official Fix	0.00049	0.05	CVE-2023-46671

41 更多条目未显示

🔒 Login Required

You need to signup and login to see more of the remaining 41 results.

◂ 上一步一览下一步 ▸

Interested in the pricing of exploits?

See the underground prices here!