| |
Vulnerability CVE-2022-23708
Published: 2022-03-03
| Description: |
A flaw was discovered in Elasticsearch 7.17.0??s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with ??*? index permissions access to this index. |
References: |
https://discuss.elastic.co/t/elastic-stack-7-17-1-security-update/298447
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
