CVE-2019-13417

2020-04-0417:27:20

redhat.com

access.redhat.com

0.001 Low

EPSS

Percentile

38.7%

JSON

Search Guard versions before 24.0 had an issue that field caps and mapping API leak field names (but not values) for fields which are not allowed for the user when field level security (FLS) is activated.

References

bugzilla.redhat.com/show_bug.cgi?id=1749222

nvd.nist.gov/vuln/detail/CVE-2019-13417

search-guard.com/cve-advisory/

www.cve.org/CVERecord?id=CVE-2019-13417

0.001 Low

EPSS

Percentile

38.7%

JSON

Related for RH:CVE-2019-13417