Back to search
CVE-2019-13417
Published: Aug 12, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
Search Guard versions before 24.0 had an issue that field caps and mapping API leak field names (but not values) for fields which are not allowed for the user when field level security (FLS) is activated.
| Vendor | Product | Versions |
|---|---|---|
floragunn | Search Guard | affected unspecified - < 24.0 |
Weaknesses (CWE)
References
https://search-guard.com/cve-advisory/
x_refsource_MISC
https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_0
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now