In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging feature might log user credentials from users logging into Kibana.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Floragunn |
|
| Search-guard |
|
No data.
References
History
Fri, 03 Apr 2026 14:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Search-guard
Search-guard flx |
|
| CPEs | cpe:2.3:a:search-guard:flx:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Search-guard
Search-guard flx |
Wed, 01 Apr 2026 02:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Floragunn
Floragunn search Guard Flx |
|
| Vendors & Products |
Floragunn
Floragunn search Guard Flx |
Tue, 31 Mar 2026 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 31 Mar 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging feature might log user credentials from users logging into Kibana. | |
| Title | Search Guard audit logs can contain under certain conditions user credentials | |
| Weaknesses | CWE-522 CWE-532 |
|
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: floragunn
Published: 2026-03-31T14:57:56.792Z
Updated: 2026-03-31T17:23:46.025Z
Reserved: 2026-03-25T13:44:37.576Z
Link: CVE-2026-4819
Vulnrichment
Updated: 2026-03-31T17:23:42.774Z
NVD
Status : Analyzed
Published: 2026-03-31T16:16:34.730
Modified: 2026-04-03T13:49:07.970
Link: CVE-2026-4819
Redhat
No data.