Elastic Stack 7.13.4 released

Version 7.13.4 of the Elastic Stack was released today that fixes a security vulnerability. We recommend you upgrade to this latest version.

The 7.13.4 patch release fixes a security issue where an authenticated user could submit a malformed query to an Elasticsearch cluster that could return sensitive data such as documents or login credentials. Please see our security advisory for more details.

The patch release also fixes an issue in Workplace Search for the Confluence Cloud connector. In previous releases, Confluence Cloud attachment content could not be downloaded and extracted. Confluence Cloud Permissions also failed to sync if Document Level Permissions are enabled. These failures are due to a backwards-incompatible API change made by Atlassian, the developer of Confluence Cloud.

For a full list of changes for each product, please refer to the release notes:

7.13.4 Release Notes

Elastic Stack

Elastic Enterprise Search

Elastic Observability