CVE-2019-13417

Search Guard versions before 24.0 had an issue that field caps and mapping API leak field names (but not values) for fields which are not allowed for the user when field level security (FLS) is activated.
References
Configurations

Configuration 1

cpe:2.3:a:search-guard:search_guard:*:*:*:*:*:*:*:*

Information

Published : 2019-08-12 09:15

Updated : 2019-10-09 11:46


NVD link : CVE-2019-13417

Mitre link : CVE-2019-13417

Products Affected
No products.
CWE