Lucene search
K

4 matches found

NVD
NVD
added 2022/08/12 6:15 p.m.15 views

CVE-2022-35980

OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. Versions 2.0.0.0 and 2.1.0.0 of the security plugin are affected by an information disclosure vulnerability. Requests to an OpenSearch cluster configured with advanced access control features...

7.5CVSS0.00918EPSS
Exploits0References3
OSV
OSV
added 2022/08/12 5:40 p.m.35 views

CVE-2022-35980 OpenSearch vulnerable to Improper Authorization of Index Containing Sensitive Information

OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. Versions 2.0.0.0 and 2.1.0.0 of the security plugin are affected by an information disclosure vulnerability. Requests to an OpenSearch cluster configured with advanced access control features...

7.5CVSS7.2AI score0.00918EPSS
Exploits0References5
OSV
OSV
added 2022/08/12 5:31 p.m.29 views

GHSA-F4QR-F4XX-HJXW OpenSearch vulnerable to Improper Authorization of Index Containing Sensitive Information

Impact Requests to an OpenSearch cluster configured with advanced access control features document level security DLS, field level security FLS, and/or field masking will not be filtered when the query's search pattern matches an aliased index. OpenSearch Dashboards creates an alias to .kibana by...

7.5CVSS7.5AI score0.00918EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/08/12 12:0 a.m.4 views

PT-2022-23078 · Unknown · Opensearch +2

Name of the Vulnerable Software and Affected Versions: OpenSearch Security versions 2.0.0.0 through 2.1.0.0 Description: The issue concerns an information disclosure vulnerability in OpenSearch Security, a plugin for OpenSearch that provides encryption, authentication, and authorization. When an...

7.5CVSS7.2AI score0.00918EPSS
Exploits0References8
Rows per page
Query Builder