- What is the elastic CNA?
- elastic is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 209 CVE records since 2017.
- How many CVEs has elastic published?
- elastic has published 209 CVE records, including 73 in the last two years.
- What is elastic's CVE data quality grade?
- RadicalNotion.AI grades elastic's CVE data quality as B, with an overall completeness score of 85.8%. This reflects how consistently its CVE records include vendor (98.6%), product (98.6%), CVSS (47.4%), and CWE (98.6%) information.
- What products does elastic publish CVEs for?
- elastic most frequently publishes CVEs for Kibana, Elasticsearch, x-pack, Elastic Cloud Enterprise, Logstash.
- Which vendors does elastic cover?
- elastic publishes CVEs across 1 distinct vendors, most often Elastic, elasticsearch, oracle, Red Hat, microsoft.
- Is elastic actively publishing CVEs?
- elastic is currently active, based on 73 CVEs in the last two years.
- What is the average severity of elastic's CVEs?
- The average CVSS base score across elastic's scored CVEs is 6.4.
- How many critical CVEs has elastic published?
- elastic has published 19 critical-severity CVEs and 79 high-severity CVEs.
- Are any of elastic's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- Yes. 1 of elastic's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
- What are the most common weakness types in elastic's CVEs?
- elastic's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-532 (Insertion of Sensitive Information into Log File), CWE-400 (Uncontrolled Resource Consumption), CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor).
- How does elastic rank among CNAs?
- By total CVE volume, elastic ranks #83 of 370 CNAs, and it reports more complete CVE records than 33% of all CNAs.