2019-08-23 13:26:46
floragunn
PUBLISHED
Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configured in the internal user database.