Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-22147

Опубликовано: 15 сент. 2021
Источник: debian

Описание

Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
elasticsearchremovedpackage

Связанные уязвимости

ubuntu логотип

CVE-2021-22147

CVSS3: 6.5
ubuntu
больше 4 лет назад

Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view.

redhat логотип

CVE-2021-22147

CVSS3: 5.7
redhat
больше 4 лет назад

Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view.

nvd логотип

CVE-2021-22147

CVSS3: 6.5
nvd
больше 4 лет назад

Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view.

github логотип

GHSA-45h5-r968-5xr7

CVSS3: 6.5
github
больше 4 лет назад

Exposure of sensitive information in Elasticsearch