CVE-2021-22147 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Information disclosure |
Description | A flaw was discovered in Elasticsearch versions 7.11.0 to 7.13.4 where document and field level security was not applied to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1884 | elasticsearch | 7.10.1-1 | Critical | Not affected |
References |
---|
https://discuss.elastic.co/t/elastic-stack-7-14-0-security-update/280344 |