CVE-2017-8444
N/A
N/A
Summary
The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt traffic to ZooKeeper. If an attacker is able to man in the middle (MITM) the traffic between the client-forwarder and ZooKeeper they could potentially obtain sensitive data.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Elastic | Elastic Cloud Enterprise | 1.0.0 and 1.0.1 | affected |
Weaknesses
- CWE-319: CWE-319: Cleartext Transmission of Sensitive Information
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.