X-pack security
This hub aggregates every CVE we track for X-pack security, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
1
Critical
1
High
0
In CISA KEV
Severity distribution
HIGH1MEDIUM1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 3 most recently published vulnerabilities affecting X-pack security.
- CVE-2018-3822X-Pack Security versions 6.2.0, 6.2.1, and 6.2.2 are vulnerable to a user impersonation attack via incorrect XML canonicalization and DOM traversal. An attacker might have been able to impersonate ...9.8
- CVE-2017-8441Elastic X-Pack Security versions prior to 5.4.1 and 5.3.3 did not always correctly apply Document Level Security to index aliases. This bug could allow a user with restricted permissions to view da...4.3
- CVE-2017-8438Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the run_as functionality. This bug prevents transitioning into the specified user specified in a run_as request...8.8
Product normalization is registry-driven with AI assist and human review. How it works