Exposure of Sensitive Information to an Unauthorized Actor in sscarduzio/elasticsearch-readonlyrest-plugin


Reported on

Jan 12th 2022


elasticsearch-readonlyrest-plugin is using TLS. There are many serious vulnerabilities in early TLS that left unaddressed put organizations at risk of being breached. The widespread POODLE and BEAST exploits are just a couple of examples of how attackers have taken advantage of weaknesses and early TLS to compromise organizations.

Among other weaknesses, TLS 1.0 is vulnerable to man-in-the-middle attacks, risking the integrity and authentication of data sent between a website and a browser.

According to NIST, there are no fixes or patches that can adequately repair early TLS. Therefore, it is critically important that organizations upgrade to a secure alternative as soon as possible and disable any fallback to early TLS.

Recommending to use TLS 1.3 or 1.2

We are processing your report and will contact the sscarduzio/elasticsearch-readonlyrest-plugin team within 24 hours. 2 years ago
We created a GitHub Issue asking the maintainers to create a SECURITY.md 2 years ago
We have contacted a member of the sscarduzio/elasticsearch-readonlyrest-plugin team and are waiting to hear back 2 years ago
We have sent a follow up to the sscarduzio/elasticsearch-readonlyrest-plugin team. We will try again in 4 days. 2 years ago
Simone Scarduzio validated this vulnerability 2 years ago
ready-research has been awarded the disclosure bounty
The fix bounty is now up for grabs
Simone Scarduzio marked this as fixed in 1.38.0 with commit e24082 2 years ago
The fix bounty has been dropped
RorProxy.scala#L92 has been validated
to join this conversation