CVE-2026-4819
Credential Exposure via Audit Logging in Search Guard FLX Kibana
Publication date: 2026-03-31
Last updated on: 2026-04-03
Assigner: floragunn GmbH
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| search-guard | flx | From 1.0.0 (inc) to 4.1.0 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-532 | The product writes sensitive information to a log file. |
| CWE-522 | The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Search Guard FLX versions from 1.0.0 up to 4.0.1, where the audit logging feature might inadvertently log user credentials when users log into Kibana.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability involves the audit logging feature potentially logging user credentials when users log into Kibana. Logging sensitive information such as user credentials can lead to unauthorized access or exposure of personal data.
Such exposure of sensitive authentication data may impact compliance with data protection standards and regulations like GDPR and HIPAA, which require the protection of personal and sensitive information to prevent unauthorized disclosure.
Therefore, organizations using affected versions of Search Guard FLX might face increased risk of non-compliance due to improper handling and logging of sensitive user credentials.
How can this vulnerability impact me?
The vulnerability can lead to sensitive user credentials being recorded in audit logs, which could be accessed by unauthorized individuals. This exposure increases the risk of credential theft and unauthorized access to systems.