Search Guard Security Vulnerabilities and Issues — Search Guard CVE List

Lucene search

Search-guardSearch Guard

4 matches found

CVE•added 2019/08/23 2:15 p.m.•44 views

CVE-2019-13422

Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to a potentially malicious site upon Kibana login.

6.1CVSS6.1AI score0.00185EPSS

CVE•added 2019/08/13 7:15 p.m.•37 views

CVE-2019-13415

Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users can gain read access to data they are not authorized to see.

6.5CVSS6.2AI score0.00215EPSS

CVE•added 2019/04/09 6:29 p.m.•34 views

CVE-2018-20698

The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set.

6.1CVSS6.5AI score0.00197EPSS

CVE•added 2019/08/13 7:15 p.m.•34 views

CVE-2019-13416

Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users are always authorized on the local cluster ignoring their roles on the remote cluster(s).

6.5CVSS6.3AI score0.00215EPSS