CVE-2017-8441 in X-Pack Securityinfo

Zusammenfassung

von MITRE

Elastic X-Pack Security versions prior to 5.4.1 and 5.3.3 did not always correctly apply Document Level Security to index aliases. This bug could allow a user with restricted permissions to view data they should not have access to when performing certain operations against an index alias.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

02.05.2017

Veröffentlichung

05.06.2017

Moderieren

akzeptiert

Eintrag

VDB-101956

CPE

bereit

CWE

CWE-200 (bestätigt)

CVSS

4.3 (NVD)

EPSS

0.00133

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-8441
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-8441
CVE Details	https://www.cvedetails.com/cve/CVE-2017-8441/

◂ Zurück Übersicht Weiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!