PT-2026-54765 · Elastic+1 · Elasticsearch+1
Published
2026-07-01
·
Updated
2026-07-01
·
CVE-2026-46487
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
GeoNetwork versions 4.0.0-alpha.1 through 4.4.10
Description
An authorization bypass exists in the Elasticsearch-backed search API. The search proxy layer is designed to inject access-control and visibility filters into requests before they reach the Elasticsearch index. However, under certain conditions, this filtering step is skipped, allowing unauthenticated users to retrieve indexed metadata records that should be restricted. This failure bypasses multiple security layers, including group-based record visibility, draft record exclusion, record ownership checks, and portal-specific filtering, leading to unauthorized information disclosure.
Recommendations
Update GeoNetwork to a version later than 4.4.10.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Elasticsearch
Geonetwork