Widespread Elastic Stack API Security Vulnerability that Exposes Customer and System Data

guest · Sep 29, 2021

Salt Security Finds Widespread Elastic Stack API Security Vulnerability that Exposes Customer and System Data
Elastic Stack injection exploit that can result in DoS attacks and cascading API threats
September 29, 2021
https://www.darkreading.com/applica...ability-that-exposes-customer-and-system-data

Salt Security, the leading API security company, today released new API threat research from Salt Labs detailing Elastic Injection attacks. The research highlights a widespread API vulnerability that results from the misimplementation of Elastic Stack, a group of open source products that use APIs for critical data aggregation, search, and analytics capabilities. Salt Labs found that nearly every organization using Elastic Stack is affected by this vulnerability, which makes users susceptible to injection attacks. Bad actors can use injection attacks to exfiltrate data and launch denial of service (DoS) events.

“Our latest API security research underscores how prevalent and potentially dangerous API vulnerabilities are. Elastic Stack is widely used and secure, but Salt Labs observed the same architectural design mistakes in almost every environment that uses it,” said Roey Eliyahu, co-founder and CEO, Salt Security.
Click to expand...

Salt Labs researchers were able to show how the impact of the Elastic Stack design implementation flaws worsens significantly when an attacker chains together multiple exploits.

“While not a vulnerability with Elastic Stack itself, the design implementation flaws that Salt Labs observed introduce just as much risk. The specific queries submitted to the Elastic back-end services used to exploit this vulnerability are difficult to test for,” said Michael Isbitski, Technical Evangelist, Salt Security.
Click to expand...

Salt Security: API Threat Research: Elastic Stack Misconfiguration Allows Data Extraction

We were further able to demonstrate additional flaws that took advantage of this Elastic Stack design weakness to create a cascade of API threats, many of which correspond indirectly to items described in the OWASP API Security Top 10, including:

excessive data exposure

lack of resources and rate limits

security misconfiguration

susceptibility to injection attacks due to lack of input filtering

Click to expand...

Log in or Sign up

Widespread Elastic Stack API Security Vulnerability that Exposes Customer and System Data

guest Guest

Log in or Sign up

Widespread Elastic Stack API Security Vulnerability that Exposes Customer and System Data

guest Guest

Useful Searches