PT-2026-41472 · Linux Foundation+2 · Opensearch+9
Published 2026-04-30 · Updated 2026-05-29
CVSS v3.1: 2.2 (Low)
Vector: AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
OpenSearch versions prior to 2.19.4
OpenSearch versions prior to 3.2.0
Description
The OpenSearch Security plugin mishandles index rollover requests that carry an explicit target index name. When such a name is supplied, the plugin checks the caller's permissions on the source (the rolled-over alias or index) but does not evaluate access control for the named target. Consequently, a user holding indices:admin/rollover on a source index can create a new index with a name they are not otherwise authorized to use, effectively rolling over to a target index name outside their authorized index patterns.
Recommendations
Update to version 2.19.4.
Update to version 3.2.0.
Grant the indices:admin/rollover permission only to fully trusted users.
Fix
Weakness Enumeration
Incorrect Authorization
Related Identifiers
Affected Products
Opensearch
Opensearch-Ingest-Attachment-Plugin
Opensearch-Mapper-Annotated-Text-Plugin
Opensearch-Mapper-Murmur3-Plugin
Opensearch-Mapper-Size-Plugin
Opensearch-Repository-Hdfs-Plugin
Opensearch-Repository-S3-Plugin
Opensearch-Store-Mb-Plugin
Opensearch-Transport-Nio-Plugin
Org.Opensearch.Plugin:Opensearch-Security
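The following Python is an added example, not code from the OpenSearch project or from this advisory. It models the authorization gap described under Description (the source of the rollover is checked, the explicit target is not) beside a hardened variant, and implements the audit a practitioner would run for the Recommendations above: listing which roles can grant indices:admin/rollover and on which index patterns. The role names, index names and role data are constructed; the advisory does not state the exact check the upstream patch adds, so the hardened variant is an assumption about what a correct check must do.

```python
# Added example, not code from the OpenSearch project or the PT advisory: a
# Python model of the rollover authorization described above, plus a role
# audit for the "grant indices:admin/rollover only to trusted users" advice.
# Role data, role names and index names are constructed for illustration.
from fnmatch import fnmatchcase

# Constructed roles in the shape of a GET _plugins/_security/api/roles
# response (only the fields the checks below need).
ROLES = {
    "logs_writer": {
        "index_permissions": [
            {"index_patterns": ["logs-*"],
             "allowed_actions": ["indices:admin/rollover",
                                 "indices:admin/create",
                                 "indices:data/write/*"]},
        ],
    },
    "metrics_reader": {
        "index_permissions": [
            {"index_patterns": ["metrics-*"],
             "allowed_actions": ["indices:data/read/*"]},
        ],
    },
    "index_manager": {
        "index_permissions": [
            {"index_patterns": ["*"],
             "allowed_actions": ["indices:admin/*"]},
        ],
    },
}

ROLLOVER = "indices:admin/rollover"


def granted(role, action, index):
    """True if one index_permissions entry of `role` covers both `index` and
    `action`. Patterns are matched as globs, like the plugin's configuration;
    action groups (e.g. "manage") are deliberately not expanded here."""
    for perm in role.get("index_permissions", []):
        if (any(fnmatchcase(index, p) for p in perm["index_patterns"])
                and any(fnmatchcase(action, a) for a in perm["allowed_actions"])):
            return True
    return False


def rollover_request_path(alias, target=None):
    """Path of the Rollover API call; the optional trailing segment is the
    explicit target index name the advisory is about."""
    return f"/{alias}/_rollover" + (f"/{target}" if target else "")


def authorize_rollover_vulnerable(role, alias, target=None):
    """Pre-fix behaviour as the advisory describes it: only the source
    (alias) is checked, so an explicit target is never evaluated."""
    return granted(role, ROLLOVER, alias)


def authorize_rollover_fixed(role, alias, target=None):
    """Hardened behaviour as modelled here (assumption; the advisory does not
    spell out the upstream check): the explicit target must also fall within
    a pattern on which the role holds the rollover action. Alias-to-index
    resolution is omitted; the request's source name is matched directly."""
    if not granted(role, ROLLOVER, alias):
        return False
    if target is not None and not granted(role, ROLLOVER, target):
        return False
    return True


def roles_granting(roles, action=ROLLOVER):
    """Audit helper: roles whose index permissions can grant `action`,
    mapped to the index patterns it applies to. Wildcard entries such as
    indices:admin/* or * count; resolve action groups through
    _plugins/_security/api/actiongroups before trusting a negative result."""
    hits = {}
    for name, role in roles.items():
        patterns = [p for perm in role.get("index_permissions", [])
                    if any(fnmatchcase(action, a) for a in perm["allowed_actions"])
                    for p in perm["index_patterns"]]
        if patterns:
            hits[name] = patterns
    return hits


def demo():
    """Show the gap: logs_writer may roll logs-write over, but the explicit
    target audit-000001 lies outside logs-*."""
    role = ROLES["logs_writer"]
    return {
        "request": rollover_request_path("logs-write", "audit-000001"),
        "vulnerable_allows": authorize_rollover_vulnerable(role, "logs-write", "audit-000001"),
        "fixed_allows": authorize_rollover_fixed(role, "logs-write", "audit-000001"),
        "in_pattern_allows": authorize_rollover_fixed(role, "logs-write", "logs-000002"),
        "rollover_roles": roles_granting(ROLES),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

To run the audit against a real cluster, replace ROLES with the JSON returned by GET _plugins/_security/api/roles; because the helper only matches literal action names and wildcards, a role that reaches indices:admin/rollover through an action group will be missed unless you expand groups from the actiongroups API first.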