CVE-2025-37729
9.1CRITICALImproper neutralization of special elements used in a template engine in Elastic Cloud Enterprise (ECE) can lead to a malicious actor with Admin access exfiltrating sensitive information and issuing c
게시됨: 10/13/2025업데이트됨: 12/11/2025
설명
Improper neutralization of special elements used in a template engine in Elastic Cloud Enterprise (ECE) can lead to a malicious actor with Admin access exfiltrating sensitive information and issuing commands via a specially crafted string where Jinjava variables are evaluated.
AI 분석AI 기반
영향받는 제품
elasticelastic_cloud_enterprise
elasticelastic_cloud_enterprise