RSS   Podatności dla 'X-pack reporting'   RSS

2017-08-18
 
CVE-2017-8446

CWE-269
 

 
The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions versions prior to 2.4.6 had an impersonation vulnerability. A user with the reporting_user role could execute a report with the permissions of another reporting user, possibly gaining access to sensitive data.

 

 >>> Vendor: Elasticsearch 7 Produkty
Logstash
Elasticsearch
Kibana
X-pack
Output plugin
X-pack reporting
Cloud enterprise


Copyright 2024, cxsecurity.com

 

Back to Top