← volver
CVE-2019-13421

CVE-2019-13421

EPSS 1.1%CWE-522
Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configured in the internal user database.
Productos afectados
floragunn · Search Guard

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1https://search-guard.com/cve-advisory/https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SySS-2018-025.txt