CWE-612
Improper Authorization of Index Containing Sensitive Information
The product creates a search index of private or sensitive documents, but it does not properly limit index access to actors who are authorized to see the original information.
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.