Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Search Guard versions before 24.0 had an issue that field caps and mapping API leak field names (but not values) for fields which are not allowed for the user when field level security (FLS) is activated.
CVSS Information
N/A
Vulnerability Type
授权机制不正确
Vulnerability Title
floragunn Search Guard 信息泄露漏洞
Vulnerability Description
floragunn Search Guard是德国floragunn公司的一款用于Elasticsearch和ELK的开源插件,它主要提供加密、身份验证、授权管理和日志审计等功能。 floragunn Search Guard 24.0之前版本中存在信息泄露漏洞。该漏洞源于网络系统或产品在运行过程中存在配置等错误。未授权的攻击者可利用漏洞获取受影响组件敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A