CNNVD-202512-2706 Information

CNNVD ID

CNNVD-202512-2706

Related CVE

CVE-2025-37731

• CNNVD Published: 2025-12-15

Description (Chinese)

Elasticsearch是荷兰Elastic公司的一个搜索分析引擎。 Elasticsearch存在安全漏洞，该漏洞源于认证不当，可能导致通过特制客户端证书进行用户冒充。

Description (English)

Elasticsearch is a search and analysis engine of the Netherlands company Elastic. Elasticsearch had a security loophole, which stemmed from improper authentication, which could lead to the impersonation of users through customized client certificates.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Elastic

Published

2025-12-15

Last Modified

2026-02-24

References

https://discuss.elastic.co/t/elasticsearch-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-27/384063