Miggo Logo
Miggo Vulnerability Database
CVE-2017-8446

CVE-2017-8446: Improper Privilege Management in X-Pack

5.3

CVSS Score
3.0

Basic Information

CVE ID
CVE-2017-8446
GHSA ID
GHSA-m728-qvxh-xfjq
EPSS Score
0.357%
CWE
CWE-269
Published
5/13/2022
Updated
2/2/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.elasticsearch.plugin:x-packmaven< 5.5.25.5.2

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability centers on improper user context binding during report execution. Without patch details, we identify:

  1. ReportService.executeReport as the core method that would handle report generation with security context
  2. RestSubmitReportAction.prepareRequest as the REST layer entry point that might accept vulnerable parameters These functions would appear in stack traces when malicious reports are submitted, as they handle the critical junction of user authentication and report execution. The medium confidence reflects educated guessing based on Elasticsearch architecture and CWE-269 patterns, though without explicit patch confirmation.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** R*portin* ***tur* in X-P**k in v*rsions prior to *.*.* *n* st*n**lon* R*portin* plu*in v*rsions v*rsions prior to *.*.* *** *n imp*rson*tion vuln*r**ility. * us*r wit* t** r*portin*_us*r rol* *oul* *x**ut* * r*port wit* t** p*rmissions o* *not**r

Reasoning

T** vuln*r**ility **nt*rs on improp*r us*r *ont*xt *in*in* *urin* r*port *x**ution. Wit*out p*t** **t*ils, w* i**nti*y: *. R*portS*rvi**.*x**ut*R*port *s t** *or* m*t*o* t**t woul* **n*l* r*port **n*r*tion wit* s**urity *ont*xt *. R*stSu*mitR*port**