Will there be a new release of 6.x version mitigating CVE-2020-7018

ManjunathMS35 · August 27, 2020, 2:30pm

Hi,

The CVE-2020-7018 has a fix in 7.9.0 version and the fix for users who couldn't update to this version is specified here Enterprise Search 7.9.0 security update

I wanted to know if there will be a new release fixing CVE-2020-7018 in 6.x version or the solution provided in the above link is the final one. If there is a release of 6.x version, when it will be released.

Regards,
Manjunath

joshbressers · August 27, 2020, 2:48pm

Hello Manjunath,

There is no 6.x version of Enterprise search.

CVE-2020-7018 affects Elastic Enterprise Search, not the Elastic Stack (which there is a 6.x version). If you are running Elastic Stack 6.x you do not need to take any actions for this particular vulnerability.

Topic		Replies	Views
Security update associated with CVE-2023-31418 has confusing wording Elasticsearch	2	458	December 29, 2023
Elasticsearch Vulnerability Patches Elasticsearch	2	366	August 10, 2018
Elastic Stack 7.14.0 Security Update Security Announcements	1	14852	November 4, 2022
Discuss: Security Vulnerabilities: ESA-2023-14 - CVE-2023-31419 Elasticsearch	3	683	January 4, 2024
Elastic Stack 7.9.0 and 6.8.12 Security Update Security Announcements	1	14198	November 4, 2022

Will there be a new release of 6.x version mitigating CVE-2020-7018

Related topics