Elastic Elastic Cloud On Kubernetes — known CVE vulnerabilities
Every CVE whose affected-product data names Elastic Elastic Cloud On Kubernetes, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-7010 — CVSS 7.5 (high): Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able…
CVE-2023-31416 — CVSS 5.3 (medium): Secret token configuration is never applied when using ECK <2.8 with APM Server >=8.0. This could lead to anonymous requests to an APM…