Security Advisory

CVE-2024-12539

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-17 20:50:04

Last updated 2024-12-17 21:23:57

Assigner elastic

State PUBLISHED

Description

An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.

← Browse all CVEs View on cve.org ↗