The CLI 1.0.0 for Amazon AWS OpenSearch has weak permissions for the configuration file.
References
Link | Resource |
---|---|
https://github.com/opensearch-project/opensearch-cli/blob/275085730f791daccaac81c566a25f541656d9f9/commands/root.go#L43 | Exploit Third Party Advisory |
https://github.com/opensearch-project/opensearch-cli/commit/69dc712d0d0d05dc2bc2bd0d733c73e3641b633a | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-12-12T05:32:02
Updated: 2021-12-12T05:32:02
Reserved: 2021-12-12T00:00:00
Link: CVE-2021-44833
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-12T06:15:06.993
Modified: 2021-12-15T15:57:26.783
Link: CVE-2021-44833
JSON object: View
Redhat Information
No data.
CWE