Elastic 漏洞

时间轴

类型

Not Defined	18
Cloud Software	5
Programming Language Software	1
Ruby Gem	1

产品

Elastic Cloud Enterprise	5
Elastic Kibana	4
Elastic Endpoint Security	4
Elastic Code	2
Elastic Enterprise Search	2

修正

Official Fix	16
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	9

易受攻击性

High	0
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	25

访问向量

Not Defined	0
Physical	0
Local	2
Adjacent	10
Network	13

身份验证

Not Defined	0
High	1
Low	21
None	3

用户交互

Not Defined	0
Required	2
None	23

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	2
≤4	1
≤5	3
≤6	7
≤7	4
≤8	3
≤9	5
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	2
≤4	1
≤5	4
≤6	6
≤7	4
≤8	3
≤9	5
≤10	0

VulDB

≤1	0
≤2	0
≤3	2
≤4	4
≤5	6
≤6	6
≤7	1
≤8	1
≤9	5
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	1
≤5	1
≤6	3
≤7	4
≤8	7
≤9	4
≤10	0

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

供应商

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	1
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

零日攻击

<1k	5
<2k	13
<5k	7
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

本日攻击

<1k	20
<2k	5
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

攻击市场容量

🔴 CTI 活动

Affected Products (12): APM Agent (1), APM Java Agent (1), Cloud Enterprise (5), Code (2), Endgame (1), Endpoint Security (4), Enterprise Search (2), Enterprise Search App (2), Filebeat (1), Kibana (4), Stack (1), X-Pack Security (2)

已发布	Base	Temp	漏洞	Prod	易	修正	CTI	EPSS	CVE
2023-09-07	8.8	8.4	Elastic Code SetHostIPv6StaticSettings 内存损坏	未知	Not Defined	Official Fix	0.35	0.00000	CVE-2023-41211
2023-05-05	3.4	3.4	Elastic Filebeat httpjson 信息公开	未知	Not Defined	Not Defined	0.00	0.00043	CVE-2023-31413
2023-05-05	7.1	7.1	Elastic Kibana Uptime/Synthetics 权限升级	未知	Not Defined	Not Defined	0.07	0.00054	CVE-2023-31415
2023-05-05	7.1	7.1	Elastic Kibana Configuration 权限升级	未知	Not Defined	Not Defined	0.07	0.00054	CVE-2023-31414
2023-02-22	5.5	5.5	Elastic Kibana URL Redirect	未知	Not Defined	Not Defined	0.07	0.00046	CVE-2022-38779
2023-02-09	8.3	8.3	Elastic Endpoint Security 权限升级	未知	Not Defined	Not Defined	0.05	0.00043	CVE-2022-38777
2023-02-09	5.8	5.7	Elastic Kibana 拒绝服务	未知	Not Defined	Official Fix	0.03	0.00044	CVE-2022-38778
2023-01-27	8.3	8.3	Elastic Endpoint Security 权限升级	未知	Not Defined	Not Defined	0.00	0.00043	CVE-2022-38775
2023-01-27	8.3	8.3	Elastic Endpoint Security/Endgame 权限升级	未知	Not Defined	Not Defined	0.05	0.00043	CVE-2022-38774
2022-09-29	4.4	4.3	Elastic Cloud Enterprise SAML 信息公开	Cloud Software	Not Defined	Official Fix	0.04	0.00050	CVE-2022-23716

15 更多条目未显示

🔒 Login Required

You need to signup and login to see more of the remaining 15 results.

◂ 上一步一览下一步 ▸

Interested in the pricing of exploits?

See the underground prices here!