Search Guard FLX
Easy fix2 remedies
cpe:2.3:a:search-guard:search_guard:*:*:*:*:*:*:*
Easy fix2 remedies
- <= 3.1.1
Search Guard Field Masking Vulnerability on IP Fields
Vulnerability
Patched
A vulnerability exists in Search Guard versions 3.1.1 and earlier, where Field Masking (FM) rules are not properly applied to IP Address fields. Although the redaction works in the source document during search operations, it fails to prevent the retrieval of documents based on specific IP values. This oversight allows for the reconstruction of the original field contents. As a temporary measure, users can apply Field Level Security (FLS) to the affected fields instead of relying on field masking.
Impact
Exploitation of this vulnerability could lead to unauthorized access to IP field data that is supposed to be masked, allowing for the reconstruction of original field contents.
Remediation
Users are advised to upgrade to Search Guard version 3.1.2 or later, where this vulnerability has been fixed. If an immediate upgrade is not possible, Field Level Security (FLS) can be applied to the affected IP fields as a workaround.
Added: Oct 29, 2025, 4:25 PM
Updated: Oct 29, 2025, 4:25 PM
Vulnerability Rating
Custom Algorithm
spread
1.4impact
2.5exploitability
4.9remediation
7.9relevance
0.9threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.