CVE-2019-13416 - AskarLabs CVE Database

CVE-2019-13416

Vendor Floragunn

Product Search Guard

Weakness CWE-285

Published August 13, 2019

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users are always authorized on the local cluster ignoring their roles on the remote cluster(s).

Key dates

02Disclosure timeline

August 13, 2019 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-13416

Related vulnerabilities

04Related CVE

CVE-2026-32704 SiYuan renderSprig: missing admin check allows any user to read full workspace DB CVE-2025-2639 JIZHICMS Article release.html improper authorization CVE-2024-47053 Improper Authorization in Reporting API CVE-2026-31836 Mass Assignment Privilege Escalation in Checkmate CVE-2018-10861