← voltar
CVE-2019-13421

CVE-2019-13421

EPSS 1.1%CWE-522
Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configured in the internal user database.
Produtos afetados
floragunn · Search Guard

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1https://search-guard.com/cve-advisory/https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SySS-2018-025.txt