{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-02T03:25:09.049","vulnerabilities":[{"cve":{"id":"CVE-2019-13416","sourceIdentifier":"security@search-guard.com","published":"2019-08-13T19:15:16.500","lastModified":"2026-06-17T02:16:44.850","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users are always authorized on the local cluster ignoring their roles on the remote cluster(s)."},{"lang":"es","value":"Search Guard versiones anteriores a la 24.3 tenían un problema cuando Cross Cluster Search (CCS) estaba habilitado, los usuarios autenticados siempre están autorizados en el clúster local ignorando sus roles en los clústeres remotos."}],"affected":[{"source":"security@search-guard.com","affectedData":[{"vendor":"floragunn","product":"Search Guard","versions":[{"version":"before 24.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:N/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security@search-guard.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:search-guard:search_guard:*:*:*:*:*:*:*:*","versionEndExcluding":"24.3","matchCriteriaId":"0C6B3FE1-AB00-462F-B362-6F4CDA0139A6"}]}]}],"references":[{"url":"https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3","source":"security@search-guard.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://search-guard.com/cve-advisory/","source":"security@search-guard.com","tags":["Vendor Advisory"]},{"url":"https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"https://search-guard.com/cve-advisory/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}