CVE-2021-22132 - OpenCVE

Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in the cluster. This issue is fixed in Elasticsearch 7.10.2

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:H/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Elastic	Elasticsearch
Oracle	Communications Cloud Native Core Automated Test Suite

Configuration 1 [-]

cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*

References

Link	Resource
https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164	Release Notes Vendor Advisory
https://security.netapp.com/advisory/ntap-20210219-0004/	Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html	Patch Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: elastic

Published: 2021-01-14T19:20:12

Updated: 2022-04-19T23:24:15

Reserved: 2021-01-04T00:00:00

Link: CVE-2021-22132

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-01-14T20:15:13.407

Modified: 2022-05-12T14:52:03.583

Link: CVE-2021-22132

JSON object: View

Redhat Information

No data.

CWE

CWE-522

{"containers": {"cna": {"affected": [{"product": "Elasticsearch", "vendor": "Elastic", "versions": [{"status": "affected", "version": "7.7.0 to 7.10.1"}]}], "descriptions": [{"lang": "en", "value": "Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in the cluster. This issue is fixed in Elasticsearch 7.10.2"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-522", "description": "CWE-522: Insufficiently Protected Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-04-19T23:24:15", "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "shortName": "elastic"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20210219-0004/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@elastic.co", "ID": "CVE-2021-22132", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Elasticsearch", "version": {"version_data": [{"version_value": "7.7.0 to 7.10.1"}]}}]}, "vendor_name": "Elastic"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in the cluster. This issue is fixed in Elasticsearch 7.10.2"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-522: Insufficiently Protected Credentials"}]}]}, "references": {"reference_data": [{"name": "https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164", "refsource": "MISC", "url": "https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164"}, {"name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}, {"name": "https://security.netapp.com/advisory/ntap-20210219-0004/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210219-0004/"}]}}}}, "cveMetadata": {"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "assignerShortName": "elastic", "cveId": "CVE-2021-22132", "datePublished": "2021-01-14T19:20:12", "dateReserved": "2021-01-04T00:00:00", "dateUpdated": "2022-04-19T23:24:15", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*", "matchCriteriaId": "FB1F6EA5-5747-4DB0-BD17-148468730A3F", "versionEndExcluding": "7.10.2", "versionStartIncluding": "7.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "98FB24DB-AF91-48D0-9CA5-C8250D183FD5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in the cluster. This issue is fixed in Elasticsearch 7.10.2"}, {"lang": "es", "value": "Elasticsearch versiones 7.7.0 hasta 7.10.1, contienen un fallo de divulgaci\u00f3n de informaci\u00f3n en la API de b\u00fasqueda as\u00edncrona. Los usuarios que ejecutan una b\u00fasqueda as\u00edncrona almacenar\u00e1n inapropiadamente los encabezados HTTP. Un usuario de Elasticsearch con la capacidad de leer el \u00edndice .tasks podr\u00eda obtener encabezados de petici\u00f3n confidenciales de otros usuarios en el cl\u00faster. Este problema es corregido en Elasticsearch versi\u00f3n 7.10.2"}], "id": "CVE-2021-22132", "lastModified": "2022-05-12T14:52:03.583", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-01-14T20:15:13.407", "references": [{"source": "bressers@elastic.co", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164"}, {"source": "bressers@elastic.co", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210219-0004/"}, {"source": "bressers@elastic.co", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}], "sourceIdentifier": "bressers@elastic.co", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-522"}], "source": "bressers@elastic.co", "type": "Secondary"}]}