Some vulnerabilities in Elasticsearch v7.16.3 x-pack, Elasticsearch sql cli 7.16.3, plugin cli, security cli

Sagarika_Mahalik · March 23, 2022, 10:15am

Hi,

There are some Vulnerabilities in Elasticsearch 7.16.3 version.
Some vulnerabilities in Elasticsearch v7.16.3 x-pack, Elasticsearch sql cli 7.16.3, plugin cli, security cli.

While installing Elasticsearch all of the above modules like x-pack-core, x-pack-security, x-pack-ml, x-pack-watcher, Elasticsearch sql cli 7.16.3, plugin cli, security cli also getting installed which shows some Vulnerabilities.

Is there a way to remove these packages like the x-pack if they are not used in project or any way we can upgrade these components?

Christian_Dahlqvist · March 23, 2022, 10:26am

I would recommend upgrading to the latest Elasticsearch 7.17.

Sagarika_Mahalik · March 23, 2022, 4:01pm

Is there any way to remove the x-pack if we are not using in our project?

Christian_Dahlqvist · March 23, 2022, 5:16pm

No, there is not.

system · April 20, 2022, 5:17pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Some vulnerabilities in Elasticsearch v7.10.0 x-pack, Elasticsearch sql cli 7.10.0, plugin cli, security cli Elasticsearch	2	494	January 21, 2022
Elasticseach JDK and sql-cli vulnerability mitigation Elasticsearch	3	221	June 30, 2022
Some vulnerabilities in Elasticsearch v7.10.0 Elasticsearch	3	516	December 10, 2021
Elasticsearch-sql-cli jar and log4j vulnerabilty Elasticsearch	2	768	March 17, 2022
ES 7.4.0 and SQL CLI Script :: Environment Variable Issue? Elasticsearch elastic-stack-sql	5	1377	November 14, 2019

Some vulnerabilities in Elasticsearch v7.16.3 x-pack, Elasticsearch sql cli 7.16.3, plugin cli, security cli

Related topics