← Back

X Pack Reporting

x-pack_reporting

Vendor: Elasticsearch • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-8446
1Elasticsearch
2X Pack
X Pack Reporting
May 13, 2026
Aug 18, 2017
N/A· v4
5.3 MEDIUM· v3
4.0 MEDIUM· v2
The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions versions prior to 2.4.6 had an impersonation vulnerability. A user with the reporting_user role could execute a report w...Show more
The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions versions prior to 2.4.6 had an impersonation vulnerability. A user with the reporting_user role could execute a report with the permissions of another reporting user, possibly gaining access to sensitive data.Show less