5 matches found
EUVD-2017-17389
Malware in sbrugna...
ElasticSearch X-Pack Security Elevation of Privilege Vulnerability
ElasticSearch X-Pack is an extension of the Elastic Stack log analysis system from the Dutch company Elasticsearch. security is one of the features used to control access rights. An elevation of privilege vulnerability exists in the runas feature in ElasticSearch X-Pack Security versions 5.0.0...
Design/Logic Flaw
Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the runas functionality. This bug prevents transitioning into the specified user specified in a runas request. If a role has been created using a template that contains the user properties, the behavior of runas...
CVE-2017-8438
Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the runas functionality. This bug prevents transitioning into the specified user specified in a runas request. If a role has been created using a template that contains the user properties, the behavior of runas...
CVE-2017-8438
Elastic X-Pack Security (Elasticsearch X-Pack Security) versions 5.0.0–5.4.0 contain a privilege escalation vulnerability in the run_as functionality. The bug prevents transitioning to the specified user in a run_as request, and can misbehave if a role template includes the _user properties or if...