CVE-2026-4818
6.8
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| floragunn | Search Guard FLX | 3.0.0 <= 4.0.1 | affected |
Weaknesses
- CWE-285: CWE-285
- CWE-862: CWE-862
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://search-guard.com/cve-advisory/
- https://docs.search-guard.com/latest/changelog-searchguard-flx-4_1_0
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.