3 matches found
Information Disclosure
opensearch-anomaly-detection is vulnerable to Information Disclosure. The vulnerability exists because of the lack of access restrictions in field-level rules in numerical feature aggregations of the library, allowing a user with the Anomaly Detector role to read aggregated numerical data...
Design/Logic Flaw
OpenSearch Anomaly Detection identifies atypical data and receives automatic notifications. There is an issue with the application of document and field level restrictions in the Anomaly Detection plugin, where users with the Anomaly Detector role can read aggregated numerical data e.g. averages,...
CVE-2023-23933 Issue in Anomaly Detection with document and field level rules in numerical feature aggregations
OpenSearch Anomaly Detection identifies atypical data and receives automatic notifications. There is an issue with the application of document and field level restrictions in the Anomaly Detection plugin, where users with the Anomaly Detector role can read aggregated numerical data e.g. averages,...