Primary

Context

Search Guard FLX Audit Logging Vulnerability in Kibana

Vulnerability

Patched

A vulnerability exists in Search Guard FLX versions 1.0.0 prior to 4.0.1, where the audit logging feature may inadvertently log user credentials during login to Kibana. This issue could lead to unauthorized access to sensitive information.

Impact

Exposed user credentials in audit logs, potentially leading to unauthorized access.

Remediation

Users can update to Search Guard FLX version 4.1.0 or disable request-body logging. To disable request-body logging globally, set 'searchguard.audit.log_request_body' to false. Alternatively, request bodies can be excluded for specific endpoints by adding them to 'searchguard.audit.ignore_request_bodies'.

Added: Mar 31, 2026, 4:25 PM

Updated: Mar 31, 2026, 4:25 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

5.6

remediation

8.3

relevance

5.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

5.6

remediation

8.3

relevance

5.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Search Guard FLX Audit Logging Vulnerability in Kibana

Vulnerability

Impact

Remediation

Affected Products

Search Guard FLX

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating