3 matches found
UBUNTU-CVE-2022-23708
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “” index permissions access to this index...
Elastic Stack 7.17.1 Security Update
Elasticsearch privilege escalation issue ESA-2022-02 A flaw was discovered in elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “” index permissions access to this...
Elastic Stack 7.4.0 security update
Elastic Code local file disclosure flaw ESA-2019-12 A local file disclosure flaw was found in Elastic Code. If a malicious code repository is imported into Code it is possible to read arbitrary files from the local filesystem of the Kibana instance running Code with the permission of the Kibana...