Enterprise Search credential exposure flaw (ESA-2020-11)
Elastic Enterprise Search versions before 7.9.0 contain a credential exposure flaw in the App Search interface. If a user is given the ‘developer’ role, they will be able to view the administrator API credentials. These credentials could allow the developer user to conduct operations with the same permissions of the App Search administrator.
Thanks to Matt Peel of Silverstripe for reporting this vulnerability.
Affected Versions
All versions before 7.9.0
Solutions and Mitigations
Users should upgrade to Enterprise Search version 7.9.0. Users unable to upgrade can remove the developer role from App Search users and reset their existing API keys.
CVSSv3: 4.8 - AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
CVE ID: CVE-2020-7018