I have looked at the below post ES vulnerability CVE-2018-3831 and it appears that X-pack is vulnerable since it stores secrets into cluster state ?
Apart from x-Pack do what other standard ES plugins which suffer from this vulnerability ?
I am interested to know if any of the below plugins are vulnerable
Netty4Plugin, ReIndexPlugin, DeleteByQuery Plugin and Painless Plugin.
I have 2 setups, one on ES 2.4.6 and other on ES 5.6.9