Search criteria
13 vulnerabilities
CVE-2025-13653 (GCVE-0-2025-13653)
Vulnerability from cvelistv5 – Published: 2025-12-01 18:02 – Updated: 2025-12-01 18:33
VLAI?
Summary
In Search Guard FLX versions from 3.1.0 up to 4.0.0 with enterprise modules being disabled, there exists an issue which allows authenticated users to use specially crafted requests to read documents from data streams without having the respective privileges.
Severity ?
4.3 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| floragunn | Search Guard FLX |
Affected:
3.1.0 , ≤ 4.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13653",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-01T18:33:30.571650Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T18:33:42.466Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Search Guard FLX",
"vendor": "floragunn",
"versions": [
{
"lessThanOrEqual": "4.0.0",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-12-01T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Search Guard FLX versions from 3.1.0 up to 4.0.0 with enterprise modules being disabled, there exists an issue which allows authenticated users to use specially crafted requests to read documents from data streams without having the respective privileges."
}
],
"value": "In Search Guard FLX versions from 3.1.0 up to 4.0.0 with enterprise modules being disabled, there exists an issue which allows authenticated users to use specially crafted requests to read documents from data streams without having the respective privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T18:02:00.573Z",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"url": "https://search-guard.com/cve-advisory/"
},
{
"url": "https://docs.search-guard.com/latest/changelog-searchguard-flx-4_0_1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized access to documents in data streams with specially crafted requests",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2025-13653",
"datePublished": "2025-12-01T18:02:00.573Z",
"dateReserved": "2025-11-25T13:13:39.858Z",
"dateUpdated": "2025-12-01T18:33:42.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12149 (GCVE-0-2025-12149)
Vulnerability from cvelistv5 – Published: 2025-11-14 13:58 – Updated: 2025-11-14 16:51
VLAI?
Summary
In Search Guard FLX versions 3.1.2 and earlier, while Document-Level Security (DLS) is correctly enforced elsewhere, when the search is triggered from a Signals watch, the DLS rule is not enforced, allowing access to all documents in the queried indices.
Severity ?
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| floragunn | Search Guard FLX |
Affected:
1.0.0 , ≤ 3.1.2
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12149",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-14T16:08:54.451585Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T16:51:01.897Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Search Guard FLX",
"vendor": "floragunn",
"versions": [
{
"lessThanOrEqual": "3.1.2",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-11-14T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Search Guard FLX versions 3.1.2 and earlier, while Document-Level Security (DLS) is correctly enforced elsewhere, when the search is triggered from a Signals watch, the DLS rule is not enforced, allowing access to all documents in the queried indices."
}
],
"value": "In Search Guard FLX versions 3.1.2 and earlier, while Document-Level Security (DLS) is correctly enforced elsewhere, when the search is triggered from a Signals watch, the DLS rule is not enforced, allowing access to all documents in the queried indices."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T16:20:36.793Z",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"url": "https://search-guard.com/cve-advisory/"
},
{
"url": "https://docs.search-guard.com/latest/changelog-searchguard-flx-3_1_3"
},
{
"url": "https://docs.search-guard.com/latest/changelog-searchguard-flx-4_0_0"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized access to documents protected by Document-Level Security (DLS), when Signals watches include a search query involving protected documents",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2025-12149",
"datePublished": "2025-11-14T13:58:42.775Z",
"dateReserved": "2025-10-24T11:00:56.054Z",
"dateUpdated": "2025-11-14T16:51:01.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12148 (GCVE-0-2025-12148)
Vulnerability from cvelistv5 – Published: 2025-10-29 15:31 – Updated: 2025-10-29 16:11
VLAI?
Summary
In Search Guard versions 3.1.1 and earlier, Field Masking (FM) rules are improperly enforced on fields of type IP (IP Address).
While the content of these fields is properly redacted in the _source document returned by search operations, the results do return documents (hits) when searching based on a specific IP values. This allows to reconstruct the original contents of the field.
Workaround - If you cannot upgrade immediately, you can avoid the problem by using field level security (FLS) protection on fields of the affected types instead of field masking.
Severity ?
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| floragunn | Search Guard FLX |
Affected:
1.0.0 , ≤ 3.1.1
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12148",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-29T16:11:45.945762Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T16:11:51.396Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Search Guard FLX",
"vendor": "floragunn",
"versions": [
{
"lessThanOrEqual": "3.1.1",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:floragunn:search_guard_flx:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.1.1",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"datePublic": "2025-10-29T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Search Guard versions 3.1.1 and earlier, Field Masking (FM) rules are improperly enforced on fields of type IP (IP Address).\u003c/p\u003e\u003cp\u003eWhile the content of these fields is properly redacted in the _source document returned by search operations, the results do return documents (hits) when searching based on a specific IP values. This allows to reconstruct the original contents of the field.\u003c/p\u003e\u003cdiv\u003eWorkaround -\u0026nbsp;If you cannot upgrade immediately, you can avoid the problem by using field level security (FLS) protection on fields of the affected types instead of field masking.\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "In Search Guard versions 3.1.1 and earlier, Field Masking (FM) rules are improperly enforced on fields of type IP (IP Address).\n\nWhile the content of these fields is properly redacted in the _source document returned by search operations, the results do return documents (hits) when searching based on a specific IP values. This allows to reconstruct the original contents of the field.\n\nWorkaround -\u00a0If you cannot upgrade immediately, you can avoid the problem by using field level security (FLS) protection on fields of the affected types instead of field masking."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T15:31:32.419Z",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"url": "https://search-guard.com/cve-advisory/"
},
{
"url": "https://docs.search-guard.com/latest/changelog-searchguard-flx-3_1_2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized access to fields protected by Field Masking (FM) for fields of type IP",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2025-12148",
"datePublished": "2025-10-29T15:31:32.419Z",
"dateReserved": "2025-10-24T11:00:54.862Z",
"dateUpdated": "2025-10-29T16:11:51.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12147 (GCVE-0-2025-12147)
Vulnerability from cvelistv5 – Published: 2025-10-29 15:29 – Updated: 2025-10-29 15:53
VLAI?
Summary
In Search Guard FLX versions 3.1.1 and earlier, Field-Level Security (FLS) rules are improperly enforced on object-valued fields.
When an FLS exclusion rule (e.g., ~field) is applied to a field which contains an object as its value, the object is correctly removed from the _source returned by search operations. However, the object members (i.e., child attributes) remain accessible to search queries. This exposure allows adversaries to infer or reconstruct the original contents of the excluded object.
Workaround - If you cannot upgrade immediately and FLS exclusion rules are used for object valued attributes (like ~object), add an additional exclusion rule for the members of the object (like ~object.*).
Severity ?
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| floragunn | Search Guard FLX |
Affected:
1.0.0 , ≤ 3.1.1
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12147",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-29T15:51:03.467788Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T15:53:51.291Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Search Guard FLX",
"vendor": "floragunn",
"versions": [
{
"lessThanOrEqual": "3.1.1",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:floragunn:search_guard_flx:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.1.1",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"datePublic": "2025-10-29T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Search Guard FLX versions 3.1.1 and earlier, Field-Level Security (FLS) rules are improperly enforced on object-valued fields.\u003c/p\u003e\n\u003cp\u003eWhen an FLS exclusion rule (e.g., ~field) is applied to a field which contains an object as its value, the object is correctly removed from the _source returned by search operations. However, the object members (i.e., child attributes) remain accessible to search queries. This exposure allows adversaries to infer or reconstruct the original contents of the excluded object.\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eWorkaround - If you cannot upgrade immediately and FLS exclusion rules are used for object valued attributes (like \u003ccode\u003e~object\u003c/code\u003e), add an additional exclusion rule for the members of the object (like \u003ccode\u003e~object.*\u003c/code\u003e).\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\n\u003ch3\u003e\n\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003c/h3\u003e\u003cbr\u003e"
}
],
"value": "In Search Guard FLX versions 3.1.1 and earlier, Field-Level Security (FLS) rules are improperly enforced on object-valued fields.\n\n\nWhen an FLS exclusion rule (e.g., ~field) is applied to a field which contains an object as its value, the object is correctly removed from the _source returned by search operations. However, the object members (i.e., child attributes) remain accessible to search queries. This exposure allows adversaries to infer or reconstruct the original contents of the excluded object.\n\n\n\n\nWorkaround - If you cannot upgrade immediately and FLS exclusion rules are used for object valued attributes (like ~object), add an additional exclusion rule for the members of the object (like ~object.*)."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T15:29:54.302Z",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"url": "https://search-guard.com/cve-advisory/"
},
{
"url": "https://docs.search-guard.com/latest/changelog-searchguard-flx-3_1_2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized access to fields protected by Field-Level Security (FLS) when those fields are members of an object",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2025-12147",
"datePublished": "2025-10-29T15:29:54.302Z",
"dateReserved": "2025-10-24T11:00:52.805Z",
"dateUpdated": "2025-10-29T15:53:51.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2019-13422 (GCVE-0-2019-13422)
Vulnerability from cvelistv5 – Published: 2019-08-23 13:35 – Updated: 2024-08-04 23:49
VLAI?
Summary
Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to a potentially malicious site upon Kibana login.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| floragunn | Search Guard Kibana Plugin |
Affected:
unspecified , < 5.6.8-7
(custom)
Affected: unspecified , < 6.x.y-12 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.959Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Search Guard Kibana Plugin",
"vendor": "floragunn",
"versions": [
{
"lessThan": "5.6.8-7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "6.x.y-12",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to a potentially malicious site upon Kibana login."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-23T13:35:03",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@search-guard.com",
"ID": "CVE-2019-13422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Search Guard Kibana Plugin",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "5.6.8-7"
},
{
"version_affected": "\u003c",
"version_value": "6.x.y-12"
}
]
}
}
]
},
"vendor_name": "floragunn"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to a potentially malicious site upon Kibana login."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601: URL Redirection to Untrusted Site"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search-guard.com/cve-advisory/",
"refsource": "MISC",
"url": "https://search-guard.com/cve-advisory/"
},
{
"name": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12",
"refsource": "CONFIRM",
"url": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2019-13422",
"datePublished": "2019-08-23T13:35:03",
"dateReserved": "2019-07-08T00:00:00",
"dateUpdated": "2024-08-04T23:49:24.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13423 (GCVE-0-2019-13423)
Vulnerability from cvelistv5 – Published: 2019-08-23 13:30 – Updated: 2024-08-04 23:49
VLAI?
Summary
Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a) Kibana is configured to use Single-Sign-On as authentication method, one of Kerberos, JWT, Proxy, Client certificate. b) The kibanaserver user is configured to use HTTP Basic as the authentication method. c) Search Guard is configured to use an SSO authentication domain and HTTP Basic at the same time
Severity ?
No CVSS data available.
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| floragunn | Search Guard Kibana Plugin |
Affected:
unspecified , < 5.6.8-7
(custom)
Affected: unspecified , < 6.x.y-12 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Search Guard Kibana Plugin",
"vendor": "floragunn",
"versions": [
{
"lessThan": "5.6.8-7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "6.x.y-12",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a) Kibana is configured to use Single-Sign-On as authentication method, one of Kerberos, JWT, Proxy, Client certificate. b) The kibanaserver user is configured to use HTTP Basic as the authentication method. c) Search Guard is configured to use an SSO authentication domain and HTTP Basic at the same time"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-23T13:30:26",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@search-guard.com",
"ID": "CVE-2019-13423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Search Guard Kibana Plugin",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "5.6.8-7"
},
{
"version_affected": "\u003c",
"version_value": "6.x.y-12"
}
]
}
}
]
},
"vendor_name": "floragunn"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a) Kibana is configured to use Single-Sign-On as authentication method, one of Kerberos, JWT, Proxy, Client certificate. b) The kibanaserver user is configured to use HTTP Basic as the authentication method. c) Search Guard is configured to use an SSO authentication domain and HTTP Basic at the same time"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search-guard.com/cve-advisory/",
"refsource": "MISC",
"url": "https://search-guard.com/cve-advisory/"
},
{
"name": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12",
"refsource": "CONFIRM",
"url": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2019-13423",
"datePublished": "2019-08-23T13:30:26",
"dateReserved": "2019-07-08T00:00:00",
"dateUpdated": "2024-08-04T23:49:24.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13421 (GCVE-0-2019-13421)
Vulnerability from cvelistv5 – Published: 2019-08-23 13:26 – Updated: 2024-08-04 23:49
VLAI?
Summary
Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configured in the internal user database.
Severity ?
No CVSS data available.
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| floragunn | Search Guard |
Affected:
unspecified , < 23.1
(custom)
|
Credits
This security vulnerability was found by Torsten Lutz and Oliver Streicher of SySS
GmbH.
E-Mail: torsten.lutz (at) syss.de
Public Key: https://www.syss.de/fileadmin/dokumente/PGPKeys/Torsten_Lutz.asc
Key Fingerprint: DAB2 86A6 C099 1350 9FCB FB9B 94E8 DC24 BAEC ACC8
E-Mail: oliver.streicher (at) syss.de
Public Key: https://www.syss.de/fileadmin/dokumente/PGPKeys/Oliver_Streicher.asc
Key Fingerprint: 1973 E30F 7966 F45E CCAB 1BF1 3F08 A35E DCB8 35D6
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:25.010Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SySS-2018-025.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Search Guard",
"vendor": "floragunn",
"versions": [
{
"lessThan": "23.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This security vulnerability was found by Torsten Lutz and Oliver Streicher of SySS\nGmbH.\n\nE-Mail: torsten.lutz (at) syss.de\nPublic Key: https://www.syss.de/fileadmin/dokumente/PGPKeys/Torsten_Lutz.asc\nKey Fingerprint: DAB2 86A6 C099 1350 9FCB FB9B 94E8 DC24 BAEC ACC8\n\nE-Mail: oliver.streicher (at) syss.de\nPublic Key: https://www.syss.de/fileadmin/dokumente/PGPKeys/Oliver_Streicher.asc\nKey Fingerprint: 1973 E30F 7966 F45E CCAB 1BF1 3F08 A35E DCB8 35D6"
}
],
"descriptions": [
{
"lang": "en",
"value": "Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configured in the internal user database."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522: Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-23T13:26:46",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SySS-2018-025.txt"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@search-guard.com",
"ID": "CVE-2019-13421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Search Guard",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "23.1"
}
]
}
}
]
},
"vendor_name": "floragunn"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "This security vulnerability was found by Torsten Lutz and Oliver Streicher of SySS\nGmbH.\n\nE-Mail: torsten.lutz (at) syss.de\nPublic Key: https://www.syss.de/fileadmin/dokumente/PGPKeys/Torsten_Lutz.asc\nKey Fingerprint: DAB2 86A6 C099 1350 9FCB FB9B 94E8 DC24 BAEC ACC8\n\nE-Mail: oliver.streicher (at) syss.de\nPublic Key: https://www.syss.de/fileadmin/dokumente/PGPKeys/Oliver_Streicher.asc\nKey Fingerprint: 1973 E30F 7966 F45E CCAB 1BF1 3F08 A35E DCB8 35D6"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configured in the internal user database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-522: Insufficiently Protected Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search-guard.com/cve-advisory/",
"refsource": "MISC",
"url": "https://search-guard.com/cve-advisory/"
},
{
"name": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1",
"refsource": "CONFIRM",
"url": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1"
},
{
"name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SySS-2018-025.txt",
"refsource": "MISC",
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SySS-2018-025.txt"
}
]
},
"source": {
"advisory": "",
"defect": [],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2019-13421",
"datePublished": "2019-08-23T13:26:46",
"dateReserved": "2019-07-08T00:00:00",
"dateUpdated": "2024-08-04T23:49:25.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13415 (GCVE-0-2019-13415)
Vulnerability from cvelistv5 – Published: 2019-08-13 18:59 – Updated: 2024-08-04 23:49
VLAI?
Summary
Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users can gain read access to data they are not authorized to see.
Severity ?
No CVSS data available.
CWE
- CWE-280 - Improper Handling of Insufficient Permissions or Privileges
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| floragunn | Search Guard |
Affected:
before 24.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:25.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Search Guard",
"vendor": "floragunn",
"versions": [
{
"status": "affected",
"version": "before 24.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users can gain read access to data they are not authorized to see."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-280",
"description": "CWE-280: Improper Handling of Insufficient Permissions or Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-13T18:59:59",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@search-guard.com",
"ID": "CVE-2019-13415",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Search Guard",
"version": {
"version_data": [
{
"version_value": "before 24.3"
}
]
}
}
]
},
"vendor_name": "floragunn"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users can gain read access to data they are not authorized to see."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-280: Improper Handling of Insufficient Permissions or Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search-guard.com/cve-advisory/",
"refsource": "MISC",
"url": "https://search-guard.com/cve-advisory/"
},
{
"name": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3",
"refsource": "CONFIRM",
"url": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2019-13415",
"datePublished": "2019-08-13T18:59:59",
"dateReserved": "2019-07-08T00:00:00",
"dateUpdated": "2024-08-04T23:49:25.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13416 (GCVE-0-2019-13416)
Vulnerability from cvelistv5 – Published: 2019-08-13 18:58 – Updated: 2024-08-04 23:49
VLAI?
Summary
Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users are always authorized on the local cluster ignoring their roles on the remote cluster(s).
Severity ?
No CVSS data available.
CWE
- CWE-285 - Improper Authorization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| floragunn | Search Guard |
Affected:
before 24.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Search Guard",
"vendor": "floragunn",
"versions": [
{
"status": "affected",
"version": "before 24.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users are always authorized on the local cluster ignoring their roles on the remote cluster(s)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-13T18:58:45",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@search-guard.com",
"ID": "CVE-2019-13416",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Search Guard",
"version": {
"version_data": [
{
"version_value": "before 24.3"
}
]
}
}
]
},
"vendor_name": "floragunn"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users are always authorized on the local cluster ignoring their roles on the remote cluster(s)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search-guard.com/cve-advisory/",
"refsource": "MISC",
"url": "https://search-guard.com/cve-advisory/"
},
{
"name": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3",
"refsource": "CONFIRM",
"url": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2019-13416",
"datePublished": "2019-08-13T18:58:45",
"dateReserved": "2019-07-08T00:00:00",
"dateUpdated": "2024-08-04T23:49:24.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13419 (GCVE-0-2019-13419)
Vulnerability from cvelistv5 – Published: 2019-08-13 14:28 – Updated: 2024-08-04 23:49
VLAI?
Summary
Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked.
Severity ?
No CVSS data available.
CWE
- CWE-311 - Missing Encryption of Sensitive Data
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| floragunn | Search Guard |
Affected:
unspecified , < 23.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Search Guard",
"vendor": "floragunn",
"versions": [
{
"lessThan": "23.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "CWE-311: Missing Encryption of Sensitive Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-13T14:28:44",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@search-guard.com",
"ID": "CVE-2019-13419",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Search Guard",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "23.1"
}
]
}
}
]
},
"vendor_name": "floragunn"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-311: Missing Encryption of Sensitive Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search-guard.com/cve-advisory/",
"refsource": "MISC",
"url": "https://search-guard.com/cve-advisory/"
},
{
"name": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1",
"refsource": "CONFIRM",
"url": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2019-13419",
"datePublished": "2019-08-13T14:28:44",
"dateReserved": "2019-07-08T00:00:00",
"dateUpdated": "2024-08-04T23:49:24.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13420 (GCVE-0-2019-13420)
Vulnerability from cvelistv5 – Published: 2019-08-13 14:25 – Updated: 2024-08-04 23:49
VLAI?
Summary
Search Guard versions before 21.0 had an timing side channel issue when using the internal user database.
Severity ?
No CVSS data available.
CWE
- CWE-208 - Information Exposure Through Timing Discrepancy
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| floragunn | Search Guard |
Affected:
unspecified , < 21.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.search-guard.com/6.x-21/changelog-searchguard-6-x-21_0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Search Guard",
"vendor": "floragunn",
"versions": [
{
"lessThan": "21.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Search Guard versions before 21.0 had an timing side channel issue when using the internal user database."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208: Information Exposure Through Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-13T14:25:43",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.search-guard.com/6.x-21/changelog-searchguard-6-x-21_0"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@search-guard.com",
"ID": "CVE-2019-13420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Search Guard",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "21.0"
}
]
}
}
]
},
"vendor_name": "floragunn"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Search Guard versions before 21.0 had an timing side channel issue when using the internal user database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-208: Information Exposure Through Timing Discrepancy"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search-guard.com/cve-advisory/",
"refsource": "MISC",
"url": "https://search-guard.com/cve-advisory/"
},
{
"name": "https://docs.search-guard.com/6.x-21/changelog-searchguard-6-x-21_0",
"refsource": "CONFIRM",
"url": "https://docs.search-guard.com/6.x-21/changelog-searchguard-6-x-21_0"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2019-13420",
"datePublished": "2019-08-13T14:25:43",
"dateReserved": "2019-07-08T00:00:00",
"dateUpdated": "2024-08-04T23:49:24.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13418 (GCVE-0-2019-13418)
Vulnerability from cvelistv5 – Published: 2019-08-12 21:12 – Updated: 2024-08-04 23:49
VLAI?
Summary
Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized.
Severity ?
No CVSS data available.
CWE
- CWE-311 - Missing Encryption of Sensitive Data
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| floragunn | Search Guard |
Affected:
unspecified , < 24.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.950Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Search Guard",
"vendor": "floragunn",
"versions": [
{
"lessThan": "24.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "CWE-311: Missing Encryption of Sensitive Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-12T21:12:11",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_0"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@search-guard.com",
"ID": "CVE-2019-13418",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Search Guard",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "24.0"
}
]
}
}
]
},
"vendor_name": "floragunn"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-311: Missing Encryption of Sensitive Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search-guard.com/cve-advisory/",
"refsource": "MISC",
"url": "https://search-guard.com/cve-advisory/"
},
{
"name": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_0",
"refsource": "CONFIRM",
"url": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_0"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2019-13418",
"datePublished": "2019-08-12T21:12:11",
"dateReserved": "2019-07-08T00:00:00",
"dateUpdated": "2024-08-04T23:49:24.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13417 (GCVE-0-2019-13417)
Vulnerability from cvelistv5 – Published: 2019-08-12 20:51 – Updated: 2024-08-04 23:49
VLAI?
Summary
Search Guard versions before 24.0 had an issue that field caps and mapping API leak field names (but not values) for fields which are not allowed for the user when field level security (FLS) is activated.
Severity ?
No CVSS data available.
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| floragunn | Search Guard |
Affected:
unspecified , < 24.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Search Guard",
"vendor": "floragunn",
"versions": [
{
"lessThan": "24.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Search Guard versions before 24.0 had an issue that field caps and mapping API leak field names (but not values) for fields which are not allowed for the user when field level security (FLS) is activated."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-12T20:51:23",
"orgId": "9f311a02-c44f-4938-8530-9219246b8255",
"shortName": "floragunn"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://search-guard.com/cve-advisory/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_0"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@search-guard.com",
"ID": "CVE-2019-13417",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Search Guard",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "24.0"
}
]
}
}
]
},
"vendor_name": "floragunn"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Search Guard versions before 24.0 had an issue that field caps and mapping API leak field names (but not values) for fields which are not allowed for the user when field level security (FLS) is activated."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search-guard.com/cve-advisory/",
"refsource": "MISC",
"url": "https://search-guard.com/cve-advisory/"
},
{
"name": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_0",
"refsource": "CONFIRM",
"url": "https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_0"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
"assignerShortName": "floragunn",
"cveId": "CVE-2019-13417",
"datePublished": "2019-08-12T20:51:23",
"dateReserved": "2019-07-08T00:00:00",
"dateUpdated": "2024-08-04T23:49:24.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}