CNNVD-202510-3993 Information
CNNVD ID
CNNVD-202510-3993
Related CVE
- CNNVD Published: 2025-10-29
Description (Chinese)
Floragunn Search Guard FLX是德国Floragunn公司的一款用于保护Elastic Search的安全组件。 Floragunn Search Guard FLX 3.1.1及之前版本存在安全漏洞,该漏洞源于对象值字段的字段级安全规则执行不当,可能导致攻击者推断或重建被排除对象的原始内容。
Description (English)
Floragunn Search Guard FLX is a security component of the German company Floragunn used to protect Elastic Search. There is a security loophole in Floragunn Search Guard FLX 3.1.1 and earlier versions, which stems from the improper implementation of field-level security rules in object value fields, which may lead the attackers to extrapolate or reconstruct the original content of the excluded object.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Floragunn
Published
2025-10-29
Last Modified
2026-02-24
References
https://docs.search-guard.com/latest/changelog-searchguard-flx-3_1_2 https://search-guard.com/cve-advisory/
Patch
https://search-guard.com/cve-advisory/
Share on: