CVSS: 8.8EPSS: 0%CPEs: 15EXPL: 0CVE-2017-8448
https://notcve.org/view.php?id=CVE-2017-8448
An error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users mapped to certain built-in roles could create a watch that results in that user gaining elevated privileges. Existe un error en el modelo de permisos utilizado en X-Pack Alerting desde la versión 5.0.0 hasta la 5.6.0, en donde los usuarios que tienen integrados ciertos roles podrían crear un "watch" que haría que esos usuarios obtengan privilegios elevados. • https://discuss.elastic.co/t/x-pack-alerting-and-kibana-5-6-1-security-update/101884 • CWE-269: Improper Privilege Management CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-8446
https://notcve.org/view.php?id=CVE-2017-8446
The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions versions prior to 2.4.6 had an impersonation vulnerability. A user with the reporting_user role could execute a report with the permissions of another reporting user, possibly gaining access to sensitive data. La característica Reporting en X-Pack en versiones anteriores a la 5.5.2 y el plugin independiente Reporting en versiones anteriores a la 2.4.6 presentaba una vulnerabilidad de suplantación. Un usuario con el papel de reporting_user podría ejecutar un informe con los permisos de otro usuario que informa, obteniendo así acceso a datos sensibles. • https://www.elastic.co/community/security • CWE-269: Improper Privilege Management CWE-522: Insufficiently Protected Credentials •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8445
https://notcve.org/view.php?id=CVE-2017-8445
An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If reloading the trust material fails the trust manager will be replaced with an instance that trusts all certificates. This could allow any node using any certificate to join a cluster. The proper behavior in this instance is for the TLS trust manager to deny all certificates. Se ha encontrado un error en el administrador de confianza X-Pack Security TLS en las versiones de la 5.0.0 a la 5.5.1. • https://www.elastic.co/community/security • CWE-295: Improper Certificate Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8442
https://notcve.org/view.php?id=CVE-2017-8442
Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, can result in the Elasticsearch _nodes API leaking sensitive configuration information, such as the paths and passphrases of SSL keys that were configured as part of an authentication realm. This could allow an authenticated Elasticsearch user to improperly view these details. Elasticsearch X-Pack Security versiones desde 5.0.0 hasta 5.4.3, cuando está habilitada, pueden resultar en que la API _nodes de Elasticsearch filtre información confidencial de configuración, como las paths y frases de contraseña de las claves SSL que se configuraron como parte de un realm de autenticación. Esto podría permitir que un usuario autenticado de Elasticsearch visualice inapropiadamente estos detalles. • https://www.elastic.co/community/security • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2017-8438
https://notcve.org/view.php?id=CVE-2017-8438
Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the run_as functionality. This bug prevents transitioning into the specified user specified in a run_as request. If a role has been created using a template that contains the _user properties, the behavior of run_as will be incorrect. Additionally if the run_as user specified does not exist, the transition will not happen. Las versiones 5.0.0 hasta 5.4.0 de Elastic X-Pack Security contienen un error de escalación de privilegios en la funcionalidad run_as. • https://discuss.elastic.co/t/elastic-stack-5-4-1-and-5-3-3-security-updates/87952 https://www.elastic.co/blog/elasticsearch-5-4-1-and-5-3-3-released https://www.elastic.co/community/security • CWE-269: Improper Privilege Management CWE-284: Improper Access Control •