CVE-2025-12149 PUBLISHED

Unauthorized access to documents protected by Document-Level Security (DLS), when Signals watches include a search query involving protected documents

Assigner: floragunn
Reserved: 24.10.2025 Published: 14.11.2025 Updated: 14.11.2025

In Search Guard FLX versions 3.1.2 and earlier, while Document-Level Security (DLS) is correctly enforced elsewhere, when the search is triggered from a Signals watch, the DLS rule is not enforced, allowing access to all documents in the queried indices.

Metrics

CVSS 4.0

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
CVSS Score: 6

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Network	Confidentiality	High	Confidentiality	None
Attack Complexity	Low	Integrity	None	Integrity	None
Attack Requirements	Present	Availability	None	Availability	None
Privileges Required	Low
User Interaction	None

CVSS 4.0

Product Status

Vendor	floragunn
Product	Search Guard FLX
Versions	Default: unaffected affected from 1.0.0 to 3.1.2 (incl.)

References

Problem Types

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor CWE
CWE-863 Incorrect Authorization CWE