Lucene search
K

5 matches found

NVD
NVD
added 2024/07/09 10:15 p.m.21 views

CVE-2024-39900

OpenSearch Dashboards Reports allows ‘Report Owner’ export and share reports from OpenSearch Dashboards. An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when...

5.4CVSS0.00305EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/07/09 9:17 p.m.14 views

CVE-2024-39900 OpenSearch Dashboards Reports does not properly restrict access to private tenant resources

OpenSearch Dashboards Reports allows ‘Report Owner’ export and share reports from OpenSearch Dashboards. An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when...

5.4CVSS6.8AI score0.00305EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/09 9:17 p.m.39 views

CVE-2024-39900 OpenSearch Dashboards Reports does not properly restrict access to private tenant resources

OpenSearch Dashboards Reports allows ‘Report Owner’ export and share reports from OpenSearch Dashboards. An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when...

5.4CVSS0.00305EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/09 9:14 p.m.39 views

CVE-2024-39901 OpenSearch Observability does not properly restrict access to private tenant resources

OpenSearch Observability is collection of plugins and applications that visualize data-driven events. An issue in the OpenSearch observability plugins allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when...

4.2CVSS0.0029EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.6 views

PT-2024-28718 · Unknown +1 · Opensearch +1

Name of the Vulnerable Software and Affected Versions: OpenSearch versions prior to 2.14 Description: An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when accessi...

5.4CVSS7AI score0.00305EPSS
Exploits0References11
Rows per page
Query Builder