← Zuruck zu CVEs
CVE-2019-13416
MEDIUM6.5
Beschreibung
Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users are always authorized on the local cluster ignoring their roles on the remote cluster(s).
CVE Details
CVSS v3.1 Bewertung6.5
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht8/13/2019
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
search-guard:search_guard
Schwachen (CWE)
CWE-285
Referenzen
https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3(security@search-guard.com)
https://search-guard.com/cve-advisory/(security@search-guard.com)
https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3(af854a3a-2127-422b-91ae-364da2661108)
https://search-guard.com/cve-advisory/(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.