Vulnerabilities > Elasticsearch > X Pack Reporting

DATE CVE VULNERABILITY TITLE RISK
2017-08-18 CVE-2017-8446 Improper Privilege Management vulnerability in Elasticsearch X-Pack and X-Pack Reporting
The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions versions prior to 2.4.6 had an impersonation vulnerability.
network
low complexity
elasticsearch CWE-269
4.0