Search Guard FLX Field-Level Security Vulnerability in Object-Valued Fields

A vulnerability exists in Search Guard FLX versions 3.1.1 and earlier, where Field-Level Security (FLS) rules are not properly applied to object-valued fields. Although FLS exclusion rules can remove the object from the source data returned by search operations, the object's child attributes remain accessible to search queries. This flaw enables adversaries to infer or reconstruct the original contents of the excluded object.

Impact

Exploitation of this vulnerability allows unauthorized access to object members in search queries, potentially leading to the disclosure of sensitive information.

Remediation

Users are advised to upgrade to Search Guard FLX version 3.1.2 or later. If an immediate upgrade is not possible, and FLS exclusion rules are applied to object-valued attributes, an additional exclusion rule should be added for the object's members. For example, if the exclusion rule ~object is used, add ~object.* to exclude the child attributes as well.