Vulnerabilities > Elastic > X Pack > 5.4.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-18 | CVE-2017-8445 | Improper Certificate Validation vulnerability in Elastic X-Pack An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. | 2.1 |
| 2017-07-07 | CVE-2017-8442 | Information Exposure vulnerability in Elastic X-Pack Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, can result in the Elasticsearch _nodes API leaking sensitive configuration information, such as the paths and passphrases of SSL keys that were configured as part of an authentication realm. | 4.0 |