CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
AI Score
Confidence
Low
OpenSearch software package vulnerability related to unintentional access to resources of
of users in the Dashboards Reports plugin. Exploitation of the vulnerability could allow an attacker to compromise the integrity of data.
impact data integrity
OpenSearch software package vulnerability related to unintended access to user resources in Observability plugin.
users in the Observability plugin. Exploitation of the vulnerability could allow an attacker to compromise data integrity.
impact data integrity
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | opensearch | < 2.14.0-1 | UNKNOWN |