CVE-2019-13421

Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configured in the internal user database. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt