Medium Nessus Plugin ID 112043
Synopsis
The remote web server hosts a Java application that is affected by
Description
An error was found in the permission model used by X-Pack alerting
whereby users mapped to certain built-in roles could create a watch
that results in that user gaining elevated privileges.
Solution
Deployments of the Elastic Stack that utilize X-Pack alerting should
be upgraded to version 5.6.1 to fix the privilege escalation
issue.

Users mapped to the built-in watcher_admin or
machine_learning_admin roles, or any other role to which the
manage_ml or manage_watcher cluster privilege has been assigned,
should be reviewed, and these roles should be granted only to
personnel with appropriate trust levels to read and write all indices.