Lucene search
PRIOn knowledge basePRION:CVE-2022-41918HistoryNov 15, 2022 - 11:15 p.m.
Authorization
2022-11-1523:15:00
PRIOn knowledge base
www.prio-n.com
6
opensearch
fine-grained access control
vulnerability
0.001 Low
EPSS
Percentile
33.0%
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. There is an issue with the implementation of fine-grained access control rules (document-level security, field-level security and field masking) where they are not correctly applied to the indices that back data streams potentially leading to incorrect access authorization. OpenSearch 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to update. There are no known workarounds for this issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| opensearch | lt | 1.3.7 | |
| opensearch | ge | 2.0.0 | |
| opensearch | lt | 2.4.0 |
Related
osv
osv
OpenSearch has issue with fine-grained access control of indices backing data streams
2023-03-07 20:04:42
CVE-2022-41918
2022-11-15 23:15:28
cve
cve
CVE-2022-41918
2022-11-15 23:15:28
github
github
debiancve
debiancve
CVE-2022-41918
2022-11-15 23:15:28
nvd
nvd
CVE-2022-41918
2022-11-15 23:15:28
cvelist
cvelist