Opensearch Observability
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Opensearch Observability.
By the Year
In 2026 there have been 0 vulnerabilities in Opensearch Observability. Observability did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 2 | 5.40 |
It may take a day or so for new Observability vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Opensearch Observability Security Vulnerabilities
OpenSearch Observability Plugin Data Leak <2.14
CVE-2024-39901
5.4 - Medium
- July 09, 2024
OpenSearch Observability is collection of plugins and applications that visualize data-driven events. An issue in the OpenSearch observability plugins allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when accessing resources in a private tenant, leading to potential data being revealed. The patches are included in OpenSearch 2.14.
Insecure Direct Object Reference / IDOR
OpenSearch Dashboards Reports Unchecked Tenant Access (2.13)
CVE-2024-39900
5.4 - Medium
- July 09, 2024
OpenSearch Dashboards Reports allows Report Owner export and share reports from OpenSearch Dashboards. An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when accessing resources in a private tenant, leading to potential data being revealed. The patches are included in OpenSearch 2.14.
Insecure Direct Object Reference / IDOR
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Opensearch Observability or by Opensearch? Click the Watch button to subscribe.
