Information disclosure issue with ES 5.6.9

(shashank) #1

Hi,

I have looked at the post below on ES vulnerability CVE-2018-3831, and it appears that X-Pack is vulnerable since it stores secrets in cluster state?
Apart from X-Pack, what other standard ES plugins suffer from this vulnerability?

I am interested to know if any of the plugins below are vulnerable:
Netty4Plugin, ReIndexPlugin, DeleteByQuery Plugin and Painless Plugin.

I have 2 setups, one on ES 2.4.6 and the other on ES 5.6.9.

(Tim Vernum) #2

To be clear, that CVE is specifically about cluster settings which are part of cluster state, but there are many things in cluster state that are not settings and are therefore not related to that CVE.

The 4 plugins that you mention by name are part of the standard Elasticsearch distribution, and are therefore covered in my reply on the referenced thread that the official distributions of Elasticsearch without X-Pack installed do not store any secrets in cluster settings.

If you have additional plugins, or if your distribution came from somewhere other than the official Elastic packages then we cannot make any guarantees about what is included.
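For clusters that do carry additional plugins, one way to check what the reply describes is to audit a saved `GET _cluster/settings` response for setting names that look like credentials. This is an added example, not part of the thread and not Elastic's code; the name pattern is a heuristic assumption, `example_plugin` is a hypothetical plugin, and the sample response is constructed.

```python
import json
import re

# Name fragments that usually mark a credential (heuristic chosen for this example).
SENSITIVE = re.compile(r"(password|passwd|secret|token|api_?key|credential)", re.I)


def flatten(node, prefix=""):
    """Yield (dotted.setting.name, value) from nested or already-flat settings."""
    for key, value in node.items():
        name = f"{prefix}.{key}" if prefix else key
        if isinstance(value, dict):
            yield from flatten(value, name)
        else:
            yield name, value


def audit_cluster_settings(response):
    """Return sorted (scope, setting) pairs whose name suggests a stored secret."""
    findings = []
    # "defaults" is only present when the API was called with include_defaults=true.
    for scope in ("persistent", "transient", "defaults"):
        for name, value in flatten(response.get(scope) or {}):
            if SENSITIVE.search(name) and value not in (None, "", []):
                findings.append((scope, name))
    return sorted(findings)


# Constructed sample response; example_plugin and its settings are hypothetical.
SAMPLE = json.loads("""
{
  "persistent": {
    "cluster": {"routing": {"allocation": {"enable": "all"}}},
    "example_plugin": {"account": {"ops": {"smtp": {"user": "alerts",
                                                     "password": "constructed-value"}}}}
  },
  "transient": {
    "example_plugin.webhook.auth_token": "constructed-value",
    "indices.recovery.max_bytes_per_sec": "40mb"
  }
}
""")

if __name__ == "__main__":
    # Report names only, so the audit output does not itself repeat the secret.
    for scope, name in audit_cluster_settings(SAMPLE):
        print(f"[{scope}] {name}: value present in cluster settings")
```

Any setting it reports is readable by every user allowed to call the cluster settings API, so it is worth checking whether the plugin offers a different way to store that value.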

(system) closed #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.