exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2018-17244

около 7 лет назад

Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; when used with run as, this can result in the request running as the incorrect user. This could allow a user to access information that they should not have access to.

CVSS3: 6.5

EPSS: Низкий

CVE-2018-17244

больше 7 лет назад

Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; when used with run as, this can result in the request running as the incorrect user. This could allow a user to access information that they should not have access to.

CVSS3: 6.5

EPSS: Низкий

CVE-2018-17244

около 7 лет назад

Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; when used with run as, this can result in the request running as the incorrect user. This could allow a user to access information that they should not have access to.

CVSS3: 6.5

EPSS: Низкий

CVE-2018-17244

около 7 лет назад

Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the ...

CVSS3: 6.5

EPSS: Низкий

GHSA-vpqm-88c4-x4cv

больше 3 лет назад

Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch

CVSS3: 6.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2018-17244 Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; when used with run as, this can result in the request running as the incorrect user. This could allow a user to access information that they should not have access to.	CVSS3: 6.5	1% Низкий	около 7 лет назад
CVE-2018-17244 Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; when used with run as, this can result in the request running as the incorrect user. This could allow a user to access information that they should not have access to.	CVSS3: 6.5	1% Низкий	больше 7 лет назад
CVE-2018-17244 Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; when used with run as, this can result in the request running as the incorrect user. This could allow a user to access information that they should not have access to.	CVSS3: 6.5	1% Низкий	около 7 лет назад
CVE-2018-17244 Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the ...	CVSS3: 6.5	1% Низкий	около 7 лет назад
GHSA-vpqm-88c4-x4cv Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch	CVSS3: 6.5	1% Низкий	больше 3 лет назад

Уязвимостей на страницу