CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Elastic: >> Elasticsearch >> 8.16.1 Security Vulnerabilities

CVE-2024-12539

An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.

CVSS Score

6.5

EPSS Score

0.002

Published

2024-12-17

Page 1

Vulnerabilities

Vulnerable Software

Elastic: >> Elasticsearch >> 8.16.1 Security Vulnerabilities

Products

Pricing

Contact Us