Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2017-8447

An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege enforcement. If a user has either 'delete' or 'index' permissions on an index in a cluster, they may be able to issue both delete and index requests against that index.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.5%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 5.5
Products affected by CVE-2017-8447
  • Elastic » X-Pack » Version: 5.3.0
    cpe:2.3:a:elastic:x-pack:5.3.0
  • Elastic » X-Pack » Version: 5.3.1
    cpe:2.3:a:elastic:x-pack:5.3.1
  • Elastic » X-Pack » Version: 5.3.2
    cpe:2.3:a:elastic:x-pack:5.3.2
  • Elastic » X-Pack » Version: 5.3.3
    cpe:2.3:a:elastic:x-pack:5.3.3
  • Elastic » X-Pack » Version: 5.4.0
    cpe:2.3:a:elastic:x-pack:5.4.0
  • Elastic » X-Pack » Version: 5.5.0
    cpe:2.3:a:elastic:x-pack:5.5.0
  • Elastic » X-Pack » Version: 5.5.2
    cpe:2.3:a:elastic:x-pack:5.5.2


Products
Pricing
Contact Us

Shodan ® - All rights reserved