CVE-2024-23447 Information

Description

An issue was discovered in the Windows Network Drive Connector when using Document Level Security to assign permissions to a file with explicit allow write and deny read. Although the document is not accessible to the user in Network Drive it is visible in search applications to the user.

Reference

https://discuss.elastic.co/t/elastic-network-drive-connector-8-12-1-security-update-esa-2024-02/352687 https://www.elastic.co/community/security