logo

Database

Authentication mechanism absence or evasion In org.opensearch.plugin:opensearch-security

Description

OpenSearch has a bypass of REST Layer Authorization Using Malformed Paths

Description

A flaw was identified in the OpenSearch REST layer that could allow authorization checks to be bypassed when processing certain malformed HTTP requests. This could permit unauthorized access to restricted API endpoints in environments that rely on REST-layer authorization.

Transport-level authorization is not affected by this issue.

Impact

The default OpenSearch distribution is not affected by this issue. REST actions in the default distribution have corresponding transport actions that independently enforce authorization. Custom plugins that register REST actions without a corresponding transport action may be affected, potentially allowing unauthorized read access to those endpoints.

Patches

This issue is fixed in OpenSearch 2.19.0. Users should upgrade to 2.19.0 or later.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. GHSA-83x9-vc3c-hghc2. GCVE-GHSA-83x9-vc3c-hghc

References

1. https://github.com/opensearch-project/security/security/advisories/GHSA-83x9-vc3c-hghc

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.