Elastic Enterprise Search App Search versions before 7.14.0 was vulnerable to an issue where API keys were not bound to the same engines as their creator. This could lead to a less privileged user gaining access to unauthorized engines.
[
{
"product": "Elastic Enterprise Search",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "before 7.14.0"
}
]
}
]