📦 Elastic Cloud Enterprise

Name: Elastic Cloud Enterprise
Author: Elastic

by Elastic

🔍 What is Elastic Cloud Enterprise?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2025-37729

CRITICAL CVSS 9.1 Oct 13, 2025

This CVE describes a template injection vulnerability in Elastic Cloud Enterprise (ECE) where Jinjava template variables are improperly neutralized. An attacker with Admin access can exploit this to e...

CVE-2025-37736

HIGH CVSS 8.8 Nov 7, 2025

This CVE describes an improper authorization vulnerability in Elastic Cloud Enterprise where the built-in readonly user can access privileged APIs that should be restricted. This allows privilege esca...

CVE-2024-37282

HIGH CVSS 8.1 Jun 28, 2024

This vulnerability allows API keys with specific privileges to create new API keys with elevated privileges, leading to privilege escalation. It affects Elastic Cloud Enterprise deployments where API ...

CVE-2023-31418

HIGH CVSS 7.5 Oct 26, 2023

CVE-2023-31418 is a denial-of-service vulnerability in Elasticsearch's HTTP layer where unauthenticated attackers can cause nodes to crash with OutOfMemory errors by sending malformed HTTP requests. T...