Elastic Elasticsearch 7.13.3
Approved changes feed: RSS · Atom
cpe:2.3:a:elastic:elasticsearch:7.13.3:*:*:*:*:*:*:*
part: a version: 7.13.3 update: *
| Vendor | Elastic (1d0b8d2a-fd47-5b20-b005-34326f9bd037) |
|---|---|
| Product | Elasticsearch (a0208702-3648-5bff-bba8-04bce4d71093) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:docker/elastic/elasticsearch |
purl2cpe | 2026-06-01 10:15:14.860371 |
pkg:elastic/elasticsearch |
purl2cpe | 2026-06-01 10:15:14.860372 |
pkg:github/elastic/elasticsearch |
purl2cpe | 2026-06-01 10:15:14.860374 |
pkg:rpm/opensuse/elasticsearch |
purl2cpe | 2026-06-01 10:15:14.860375 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-22146 |
vulnerable | 2026-06-03 14:43:52.266399 |
Details available
All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could leverage the anonymous user to gain insight into certain details of a deployed cluster.
Published: 2021-07-21T11:28:12.000Z
Updated: 2024-08-03T18:37:18.223Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.