CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-23447

An issue was discovered in the Windows Network Drive Connector when using Document Level Security to assign permissions to a file, with explicit allow write and deny read. Although the document is not accessible to the user in Network Drive it is visible in search applications to the user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.5%

CVSS Severity

CVSS v3 Score 5.3

References

https://discuss.elastic.co/t/elastic-network-drive-connector-8-12-1-security-update-esa-2024-02/352687
https://www.elastic.co/community/security
https://discuss.elastic.co/t/elastic-network-drive-connector-8-12-1-security-update-esa-2024-02/352687
https://www.elastic.co/community/security

Products affected by CVE-2024-23447

Elastic » Network Drive Connector » Version: N/A

cpe:2.3:a:elastic:network_drive_connector:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-23447

Products

Pricing

Contact Us