Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users can gain read access to data they are not authorized to see. References: https://docs.search-guard.com/6.x-25/changelog-searchguard-6-x-24_3 https://search-guard.com/cve-advisory/
Use of Cross Cluster Search is not supported in all versions of OpenShift.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-13415