Issue in Anomaly Detection with document and field level rules in numerical feature aggregations

OpenSearch Anomaly Detection identifies atypical data and receives automatic notifications. There is an issue with the application of document and field level restrictions in the Anomaly Detection plugin, where users with the Anomaly Detector role can read aggregated numerical data (e.g. averages, sums) of fields that are otherwise restricted to them. This issue only affects authenticated users who were previously granted read access to the indexes containing the restricted fields. This issue has been patched in versions 1.3.8 and 2.6.0. There are no known workarounds for this issue.

N/A

跨界内存读

OpenSearch Project 缓冲区错误漏洞

OpenSearch Project是OpenSearch Project开源的一个社区驱动的、Apache 2.0许可的开放源代码搜索和分析套件。使其易于获取、搜索、可视化和分析数据。 OpenSearch 存在缓冲区错误漏洞。目前尚无此漏洞的相关信息，请随时关注CNNVD或厂商公告。

N/A

N/A