A vulnerability was found in Search Guard versions before 24.0 had an issue that field caps and mapping API leak field names (but not values) for fields which are not allowed for the user when field level security (FLS) is activated. Reference: https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_0
External References: https://search-guard.com/cve-advisory/
Field level security was added in Search Guard 5 which is used by OpenShift 3.11, and 4.1, but not earlier versions.