Skip to main content

Elastic Cloud On Kubernetes

2 CVEs product

Monthly

CVE-2023-31416 MEDIUM This Month

Secret token configuration is never applied when using ECK <2.8 with APM Server >=8.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Elastic Cloud On Kubernetes
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2020-7010 Go HIGH PATCH This Week

Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate passwords using a weak random number generator. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes Elastic Information Disclosure Elastic Cloud On Kubernetes
NVD
CVSS 3.1
7.5
EPSS
1.4%
EPSS 0% CVSS 5.3
MEDIUM This Month

Secret token configuration is never applied when using ECK <2.8 with APM Server >=8.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Elastic Cloud On Kubernetes
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate passwords using a weak random number generator. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes Elastic Information Disclosure +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy