{"id":"CVE-2020-7009","details":"Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges.","aliases":["BIT-elasticsearch-2020-7009","GHSA-gfv5-grx2-9jw2"],"modified":"2026-04-11T13:53:25.571505Z","published":"2020-03-31T19:15:14.447Z","references":[{"type":"ADVISORY","url":"https://www.elastic.co/community/security/"},{"type":"ADVISORY","url":"https://discuss.elastic.co/t/elastic-stack-6-8-8-and-7-6-2-security-update/225920"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20200403-0004/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/elastic/elasticsearch","events":[{"introduced":"8453f7701de25c467ce08088ddddac185cb8028c"},{"fixed":"2f4c2240ecfc520baef4353a726f13fc59c12066"},{"introduced":"b7e28a7232616c7a21bc879a535d801b8553ba77"},{"fixed":"ef48eb35cf30adf4db14086e8aabd07ef6fb113f"}],"database_specific":{"versions":[{"introduced":"6.7.0"},{"fixed":"6.8.8"},{"introduced":"7.0.0"},{"fixed":"7.6.2"}]}}],"versions":["v6.7.0","v6.7.1","v6.7.2","v6.8.0","v6.8.1","v6.8.2","v6.8.3","v6.8.4","v6.8.5","v6.8.6","v6.8.7"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7009.json","vanir_signatures":[{"digest":{"line_hashes":["141220707678054705745522305309040454462","158424970524078855021575664188388536274","168165956481179781256416093989954890155","229144230071102220520223938177773900760","215768383982142562647290196310337018600","190980073495807060676851547796513033226","333735107382115999112409131379637046661","87411123562615438936629259441859462907","27044359176411794464378468348369271497","137538088923642007219958797903970617488","139230527099308005861097624179593880154","110417774001167584680810970205720355574","330881739204447203942678233789401326607","174898642828437128754699546969061413902","117686705537864882919318867788300419527","91246983906720789385337868592268029711"],"threshold":0.9},"id":"CVE-2020-7009-ce6852db","deprecated":false,"signature_type":"Line","target":{"file":"buildSrc/src/main/java/org/elasticsearch/gradle/test/DistroTestPlugin.java"},"source":"https://github.com/elastic/elasticsearch/commit/ef48eb35cf30adf4db14086e8aabd07ef6fb113f","signature_version":"v1"},{"digest":{"function_hash":"67819099224607828614636832684374336454","length":2541},"id":"CVE-2020-7009-f78b34cc","deprecated":false,"signature_type":"Function","target":{"function":"apply","file":"buildSrc/src/main/java/org/elasticsearch/gradle/test/DistroTestPlugin.java"},"source":"https://github.com/elastic/elasticsearch/commit/ef48eb35cf30adf4db14086e8aabd07ef6fb113f","signature_version":"v1"}],"vanir_signatures_modified":"2026-04-11T13:53:25Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}