5 matches found
CVE-2024-23447
An issue was discovered in the Windows Network Drive Connector when using Document Level Security to assign permissions to a file, with explicit allow write and deny read. Although the document is not accessible to the user in Network Drive it is visible in search applications to the user...
Code injection
An issue was discovered in the Windows Network Drive Connector when using Document Level Security to assign permissions to a file, with explicit allow write and deny read. Although the document is not accessible to the user in Network Drive it is visible in search applications to the user...
CVE-2024-23447 Elastic Network Drive Connector Improper Access Control
An issue was discovered in the Windows Network Drive Connector when using Document Level Security to assign permissions to a file, with explicit allow write and deny read. Although the document is not accessible to the user in Network Drive it is visible in search applications to the user...
CVE-2024-23447 Elastic Network Drive Connector Improper Access Control
An issue was discovered in the Windows Network Drive Connector when using Document Level Security to assign permissions to a file, with explicit allow write and deny read. Although the document is not accessible to the user in Network Drive it is visible in search applications to the user...
CVE-2024-23447
The CVE-2024-23447 entry relates to Elastic Network Drive Connector and the Windows Network Drive Connector, where a misconfiguration of Document Level Security (explicit allow write and deny read) allows a user to see a document in search results even though it is not accessible in the network d...