CVE-2024-37282 | Elastic Cloud Enterprise up to 3.7.1 API Key improper authorization

Inserito da Angelo Barbosa | Giu 28, 2024 | CVE

A vulnerability was found in Elastic Cloud Enterprise up to 3.7.1. It has been classified as critical. Affected is an unknown function of the component API Key Handler. The manipulation leads to improper authorization.

This vulnerability is traded as CVE-2024-37282. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-37282 | Elastic Cloud Enterprise up to 3.7.1 API Key improper authorization

Post correlati

CVE-2023-46960 | PyPXE 1.8.4 tftp Module handle buffer overflow

CVE-2024-23739 | Discord up to 0.0.291 on macOS Setting RunAsNode/enableNodeClilnspectArguments Privilege Escalation

CVE-2023-5505 | BackWPup Plugin up to 4.0.1 on WordPress path traversal

CVE-2024-7602 | Logsign Unified SecOps Platform path traversal (ZDI-24-1102)