5 matches found
SUSE CVE-2017-8449
X-Pack Security 5.2.x would allow access to more fields than the user should have seen if the field level security rules used a mix of grant and exclude rules when merging multiple rules with field level security rules for the same index...
Elastic Kibana X-Pack 'CVE-2017-8449' Insufficient Access Restriction Vulnerability - Linux
Elastic Kibana with X-Pack is prone to an insufficient access restriction vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Elastic Kibana X-Pack 'CVE-2017-8449' Insufficient Access Restriction Vulnerability - Windows
Elastic Kibana with X-Pack is prone to an insufficient access restriction vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-8449
X-Pack Security 5.2.x would allow access to more fields than the user should have seen if the field level security rules used a mix of grant and exclude rules when merging multiple rules with field level security rules for the same index...
CVE-2017-8449
CVE-2017-8449 affects Elastic X-Pack Security 5.2.x (Elasticsearch/Kibana). When field-level security rules for the same index are merged with a mix of grant and exclude rules, a user could see more fields than permitted. This has been documented by SUSE and OpenVAS plugins, with CVSS base scores...