DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2024-12539

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-12539

CGA ID

CGA-3pg7-7wqx-48xh

Severity

Unknown

Summary

Elasticsearch Incorrect Authorization vulnerability

Description

An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.

References

  • https://images.chainguard.dev/security/CGA-3pg7-7wqx-48xh

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images