CVE-2024-39900
CVE-2024-39900
Título es
CVE-2024-39900
Mar, 09/07/2024 – 22:15
Tipo
CWE-639
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-39900
Descripción en
OpenSearch Dashboards Reports allows ‘Report Owner’ export and share reports from OpenSearch Dashboards. An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when accessing resources in a private tenant, leading to potential data being revealed. The patches are included in OpenSearch 2.14.
10/07/2024
10/07/2024
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Gravedad 3.1 (CVSS 3.1 Base Score)
5.40
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Referencias
Enviar en el boletín
Off
