2 matches found
Elastic Cloud Enterprise (ECE) Incorrect Authentication Vulnerability
Elastic Cloud Enterprise ECE is a suite of software packages for managing, monitoring, and configuring Elasticsearch, Kibana, and X-Pack from Elasticsearch Netherlands. Elastic Cloud Enterprise ECE suffers from an incorrect authentication vulnerability that can be exploited by an attacker to add ...
PT-2018-16223 · Elastic · Cloud Enterprise
Name of the Vulnerable Software and Affected Versions: Elastic Cloud Enterprise ECE versions prior to 1.1.4 Description: A security issue was found in Elastic Cloud Enterprise where a user could scale out allocators on new hosts using an invalid roles token. An attacker with access to the previou...