PT-2026-29281 · Florian Bruhin · Search Guard Flx
Published
2026-03-31
·
Updated
2026-03-31
·
CVE-2026-4819
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Search Guard FLX versions 1.0.0 through 4.0.1
Description
The audit logging feature in Search Guard FLX may log user credentials from users logging into Kibana.
Recommendations
Update to a version later than 4.0.1.
Fix
Insertion into Log File
Insufficiently Protected Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Search Guard Flx