Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-12539

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security ...

6.5CVSS6.5AI score0.00393EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2024/12/17 9:51 p.m.13 views

CVE-2024-12539

An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow...

6.5CVSS6.7AI score0.00393EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2024/12/17 9:30 p.m.4 views

net.sc8s:elastic-testkit_2.13 (=0.96.0), nl.basjes.parse.useragent:yauaa-elasticsearch-8 (=7.29.0) +3 more potentially affected by CVE-2024-12539 via org.elasticsearch:elasticsearch (>=8.16.0 <=8.16.1)

org.elasticsearch:elasticsearch MAVEN version =8.16.0, =8.16.0, =8.16.0, =8.16.0, =8.16.1 Source cves: CVE-2024-12539 Source advisory: OSV:GHSA-5MPW-4546-2WCR...

6.5CVSS6.5AI score0.00393EPSS
Exploits0
NVD
NVD
added 2024/12/17 9:15 p.m.28 views

CVE-2024-12539

An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow...

6.5CVSS0.00393EPSS
Exploits0References1
Chainguard
Chainguard
added 2024/12/17 9:15 p.m.9 views

CVE-2024-12539 vulnerabilities

Vulnerabilities for packages: ruby3.3-elasticsearch, elasticsearch, ruby3.2-elasticsearch, elasticsearch-fips...

6.5CVSS6.3AI score0.00393EPSS
Exploits0
Wolfi
Wolfi
added 2024/12/17 9:15 p.m.14 views

CVE-2024-12539 vulnerabilities

Vulnerabilities for packages: ruby3.2-elasticsearch, ruby3.3-elasticsearch...

6.5CVSS6.3AI score0.00393EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/12/17 9:15 p.m.10 views

CVE-2024-12539

An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow...

6.5CVSS6.6AI score0.00393EPSS
Exploits0References2
Circl
Circl
added 2024/12/17 8:54 p.m.6 views

CVE-2024-12539

creationtimestamp| type| source ---|---|--- 2024-12-17 20:54:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113670150654187068 2024-12-17 21:24:16+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113670268893584009 2024-12-17 23:28:31+00:00| seen|...

6.5CVSS6.3AI score0.00393EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/12/17 8:50 p.m.14 views

CVE-2024-12539 Elasticsearch Incorrect Authorization

An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow...

6CVSS6.8AI score0.00393EPSS
Exploits0References1
OSV
OSV
added 2024/12/17 8:50 p.m.8 views

CVE-2024-12539 Elasticsearch Incorrect Authorization

An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow...

6CVSS6.3AI score0.00393EPSS
Exploits0References3
Elastic
Elastic
added 2024/12/17 8:29 p.m.8 views

Elasticsearch 8.16.2 / 8.17.0 Security Update

Elasticsearch Incorrect Authorization ESA-2024-46 An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow...

6.5CVSS7AI score0.00393EPSS
Exploits0
Rows per page
Query Builder