PT-2018-16219 · Elastic · Cloud Enterprise
Published: 2018-09-19 · Updated: 2019-10-09 · CVE-2018-3825
CVSS v3.1: 5.9 (Medium)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Elastic Cloud Enterprise (ECE) versions prior to 1.1.4
Description
A predictable default master encryption key is used in the process of granting ZooKeeper access to Elasticsearch clusters, unless explicitly overwritten. This key is the same across all ECE deployments. If an attacker can connect to ZooKeeper directly and the cluster ID is known, they would be able to access configuration information of other tenants.
Recommendations
For versions prior to 1.1.4, update to version 1.1.4 or later to resolve the issue. As a temporary workaround, consider overwriting the default master encryption key to prevent predictability across deployments. Restrict access to ZooKeeper to minimize the risk of exploitation.
Fix
Related Identifiers
Affected Products
Cloud Enterprise