Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege enforcement. If a user has either 'delete' or 'index' permissions on an index in a cluster, they may be able to issue both delete and index requests against that index.
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
Elasticsearch X-Pack Security 安全漏洞
Vulnerability Description
Elasticsearch X-Pack是荷兰Elasticsearch公司的一个Elastic Stack(日志分析系统)的扩展。Security是其中的一个安全组件。 Elasticsearch X-Pack Security 5.3.0版本至5.5.2版本中存在安全漏洞。攻击者可利用该漏洞发送删除和索引请求。
CVSS Information
N/A
Vulnerability Type
N/A