Описание
Elasticsearch Incorrect Authorization vulnerability
An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.
Пакеты
org.elasticsearch:elasticsearch
>= 8.16.0, < 8.16.2
8.16.2
Связанные уязвимости
An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.
An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.
An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.
An issue was discovered where improper authorization controls affected ...
Уязвимость поисковой системы Elasticsearch, связанная с неправильной авторизацией, позволяющая нарушителю получить доступ к защищаемой информации