exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2024-12539

около 1 года назад

An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.

CVSS3: 6.5

EPSS: Низкий

CVE-2024-12539

около 1 года назад

An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.

CVSS3: 6.5

EPSS: Низкий

CVE-2024-12539

около 1 года назад

An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.

CVSS3: 6.5

EPSS: Низкий

CVE-2024-12539

около 1 года назад

An issue was discovered where improper authorization controls affected ...

CVSS3: 6.5

EPSS: Низкий

GHSA-5mpw-4546-2wcr

около 1 года назад

Elasticsearch Incorrect Authorization vulnerability

EPSS: Низкий

BDU:2025-00489

около 1 года назад

Уязвимость поисковой системы Elasticsearch, связанная с неправильной авторизацией, позволяющая нарушителю получить доступ к защищаемой информации

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-12539 An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.	CVSS3: 6.5	0% Низкий	около 1 года назад
CVE-2024-12539 An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.	CVSS3: 6.5	0% Низкий	около 1 года назад
CVE-2024-12539 An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.	CVSS3: 6.5	0% Низкий	около 1 года назад
CVE-2024-12539 An issue was discovered where improper authorization controls affected ...	CVSS3: 6.5	0% Низкий	около 1 года назад
GHSA-5mpw-4546-2wcr Elasticsearch Incorrect Authorization vulnerability		0% Низкий	около 1 года назад
BDU:2025-00489 Уязвимость поисковой системы Elasticsearch, связанная с неправильной авторизацией, позволяющая нарушителю получить доступ к защищаемой информации	CVSS3: 4.3	0% Низкий	около 1 года назад

Уязвимостей на страницу