X-Pack Machine Learning

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2018-3823	Elastic X-Pack Machine Learning		0.00	—	0.00		Sep 19, 2018	X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-site scripting (XSS) vulnerability. Users with manage_ml permissions could create jobs containing malicious data as part of their configuration that could allow the attacker to obtain sensitive information from…
CVE-2018-3824	Elastic X-Pack Machine Learning		0.00	—	0.00		Sep 19, 2018	X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-site scripting (XSS) vulnerability. If an attacker is able to inject data into an index that has a ML job running against it, then when another user views the results of the ML job it could allow the attacker to…

CVE-2018-3823Sep 19, 2018
Elastic
X-Pack Machine Learning
risk 0.00cvss —epss 0.00
X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-site scripting (XSS) vulnerability. Users with manage_ml permissions could create jobs containing malicious data as part of their configuration that could allow the attacker to obtain sensitive information from…
CVE-2018-3824Sep 19, 2018
Elastic
X-Pack Machine Learning
risk 0.00cvss —epss 0.00
X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-site scripting (XSS) vulnerability. If an attacker is able to inject data into an index that has a ML job running against it, then when another user views the results of the ML job it could allow the attacker to…