Vulnerabilities > Search Guard > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-23 | CVE-2019-13423 | Unspecified vulnerability in Search-Guard Search Guard Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a) Kibana is configured to use Single-Sign-On as authentication method, one of Kerberos, JWT, Proxy, Client certificate. | 8.8 |
| 2019-08-13 | CVE-2019-13419 | Information Exposure vulnerability in Search-Guard Search Guard Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked. | 7.5 |
| 2019-08-12 | CVE-2019-13418 | Improper Validation of Array Index vulnerability in Search-Guard Search Guard Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized. | 7.5 |