Vulnerabilities > CVE-2019-13420 - Information Exposure Through Discrepancy vulnerability in Search-Guard Search Guard

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
high complexity
search-guard
CWE-203
NVD
Published: 2019-08-13
Updated: 2021-09-14

Summary

Search Guard versions before 21.0 had an timing side channel issue when using the internal user database.

Vulnerable Configurations

Part Description Count
Application
Search-Guard
96

Common Weakness Enumeration (CWE)

References