CVE-2024-12539

An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt