CVE-2019-13415

Опубликовано: 13 авг. 2019

Источник: nvd

CVSS3: 6.5

CVSS2: 3.5

EPSS Низкий

Описание

Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users can gain read access to data they are not authorized to see.

Ссылки

https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3
Release Notes
Vendor Advisory
https://search-guard.com/cve-advisory/
Vendor Advisory
https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3
Release Notes
Vendor Advisory
https://search-guard.com/cve-advisory/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:search-guard:search_guard:*:*:*:*:*:*:*:*

Версия до 24.3 (исключая)

EPSS

Процентиль: 42%

0.00204

Низкий

6.5 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-280

NVD-CWE-Other

Связанные уязвимости

CVE-2019-13415

CVSS3: 4.3

redhat

больше 6 лет назад

Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users can gain read access to data they are not authorized to see.

GHSA-h875-c9g6-3qqq

github

больше 3 лет назад

Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users can gain read access to data they are not authorized to see.

EPSS

Процентиль: 42%

0.00204

Низкий

6.5 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-280

NVD-CWE-Other