6 matches found
EUVD-2017-17398
Malware in sbrugna...
Elasticsearch ESA-2017-19
An error was found in the permission model used by X-Pack alerting whereby users mapped to certain built-in roles could create a watch that results in that user gaining elevated privileges. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid112043; scriptversion"1.2";...
CVE-2017-8448
An error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users mapped to certain built-in roles could create a watch that results in that user gaining elevated privileges...
CVE-2017-8448
An error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users mapped to certain built-in roles could create a watch that results in that user gaining elevated privileges...
Code injection
An error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users mapped to certain built-in roles could create a watch that results in that user gaining elevated privileges...
CVE-2017-8448
CVE-2017-8448 affects Elastic X-Pack alerting in Elastic Stack versions 5.0.0–5.6.0, where the permission model allowed users mapped to certain built-in roles to create a watch that elevated their privileges. The issue stems from a privilege escalation vulnerability in the X-Pack alerting permiss...