Medium severity4.3NVD Advisory· Published Jun 5, 2017· Updated Jun 17, 2026
CVE-2017-8441
CVE-2017-8441
Description
Elastic X-Pack Security versions prior to 5.4.1 and 5.3.3 did not always correctly apply Document Level Security to index aliases. This bug could allow a user with restricted permissions to view data they should not have access to when performing certain operations against an index alias.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: prior to 5.4.1 and 5.3.3
Patches
Vulnerability mechanics
References
3- discuss.elastic.co/t/elastic-stack-5-4-1-and-5-3-3-security-updates/87952nvdVendor Advisory
- www.elastic.co/blog/elasticsearch-5-4-1-and-5-3-3-releasednvdRelease NotesVendor Advisory
- www.elastic.co/community/securitynvdVendor Advisory
News mentions
0No linked articles in our index yet.