Primary

Context

Search Guard FLX Document Access Control Bypass Vulnerability

Vulnerability

A vulnerability exists in Search Guard FLX versions 3.1.0 prior to 4.0.0, when enterprise modules are disabled. It allows authenticated users to craft requests that bypass access controls on data streams, enabling them to read documents without the necessary privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized access to documents in data streams, bypassing established access controls.

Remediation

Users can upgrade to Search Guard FLX version 4.0.1, which addresses this vulnerability. Before upgrading, it is recommended to review the use of selector-based queries and data streams to ensure proper access control, and to validate these changes in a non-production environment.

Added: Dec 1, 2025, 6:19 PM

Updated: Dec 1, 2025, 6:19 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

1.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

1.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Search Guard FLX Document Access Control Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating