4 matches found
CVE-2018-17247
Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's findfilestructure API. If a policy allowing external network access has been added to Elasticsearch's Java Security Manager then an attacker could send a specially crafted request capable of leaking content ...
Information disclosure
Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's findfilestructure API. If a policy allowing external network access has been added to Elasticsearch's Java Security Manager then an attacker could send a specially crafted request capable of leaking content ...
CVE-2018-17247
Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's findfilestructure API. If a policy allowing external network access has been added to Elasticsearch's Java Security Manager then an attacker could send a specially crafted request capable of leaking content ...
CVE-2018-17247
Elasticsearch Security 6.5.0/6.5.1 are affected by an XXE in Machine Learning’s find_file_structure API. The root cause is an XML External Entity vulnerability when a policy allowing external network access is present in the Java Security Manager, enabling a crafted request to leak local file con...