CVE-2018-3828 - OpenCVE

Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security sensitive headers being leaked to the allocator logs. An attacker with access to the logging cluster may obtain leaked credentials and perform authenticated actions using these credentials.

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Elastic	Elastic Cloud Enterprise

Configuration 1 [-]

cpe:2.3:a:elastic:elastic_cloud_enterprise:*:*:*:*:*:*:*:*

References

Link	Resource
https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778	Vendor Advisory
https://www.elastic.co/community/security	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: elastic

Published: 2018-09-19T19:00:00

Updated: 2018-09-19T18:57:01

Reserved: 2018-01-02T00:00:00

Link: CVE-2018-3828

JSON object: View

NVD Information

Status : Modified

Published: 2018-09-19T19:29:00.907

Modified: 2019-10-09T23:40:40.670

Link: CVE-2018-3828

JSON object: View

Redhat Information

No data.

CWE

CWE-532

{"containers": {"cna": {"affected": [{"product": "Elastic Cloud Enterprise", "vendor": "Elastic", "versions": [{"status": "affected", "version": "before 1.1.4"}]}], "datePublic": "2018-06-13T00:00:00", "descriptions": [{"lang": "en", "value": "Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security sensitive headers being leaked to the allocator logs. An attacker with access to the logging cluster may obtain leaked credentials and perform authenticated actions using these credentials."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-532", "description": "CWE-532: Information Exposure Through Log Files", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-09-19T18:57:01", "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "shortName": "elastic"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.elastic.co/community/security"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@elastic.co", "ID": "CVE-2018-3828", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Elastic Cloud Enterprise", "version": {"version_data": [{"version_value": "before 1.1.4"}]}}]}, "vendor_name": "Elastic"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security sensitive headers being leaked to the allocator logs. An attacker with access to the logging cluster may obtain leaked credentials and perform authenticated actions using these credentials."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-532: Information Exposure Through Log Files"}]}]}, "references": {"reference_data": [{"name": "https://www.elastic.co/community/security", "refsource": "CONFIRM", "url": "https://www.elastic.co/community/security"}, {"name": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778", "refsource": "CONFIRM", "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"}]}}}}, "cveMetadata": {"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "assignerShortName": "elastic", "cveId": "CVE-2018-3828", "datePublished": "2018-09-19T19:00:00", "dateReserved": "2018-01-02T00:00:00", "dateUpdated": "2018-09-19T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elastic:elastic_cloud_enterprise:*:*:*:*:*:*:*:*", "matchCriteriaId": "BBE5D901-05D3-4C30-BFCC-764132574714", "versionEndExcluding": "1.1.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. It was discovered that certain exception conditions would result in encryption keys, passwords, and other security sensitive headers being leaked to the allocator logs. An attacker with access to the logging cluster may obtain leaked credentials and perform authenticated actions using these credentials."}, {"lang": "es", "value": "Elastic Cloud Enterprise (ECE), en versiones anteriores a la 1.1.4, contiene una vulnerabilidad de exposici\u00f3n de informaci\u00f3n. Se ha descubierto que determinadas condiciones de excepci\u00f3n resultar\u00edan en la fuga de claves cifradas, contrase\u00f1as y otras cabeceras de seguridad sensibles a los logs del \"allocator\". Un atacante con acceso al cl\u00faster de registros podr\u00eda ser capaz de obtener credenciales filtradas y realizar acciones autenticadas mediante el uso de esas credenciales."}], "id": "CVE-2018-3828", "lastModified": "2019-10-09T23:40:40.670", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-09-19T19:29:00.907", "references": [{"source": "bressers@elastic.co", "tags": ["Vendor Advisory"], "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-1-1-4-security-update/135778"}, {"source": "bressers@elastic.co", "tags": ["Vendor Advisory"], "url": "https://www.elastic.co/community/security"}], "sourceIdentifier": "bressers@elastic.co", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-532"}], "source": "bressers@elastic.co", "type": "Secondary"}]}