Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:elasticsearch:x-pack_reporting:2.4.5:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-8446 |
The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions versions prior to 2.4.6 had an impersonation vulnerability. A user with the reporting_user role could execute a report with the permissions of another reporting user, possibly gaining access to sensitive data. Published: August 18, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 4.0 MEDIUM |