elasticsearch is vulnerable to information disclosure. Search queries do not properly preserve security permissions when executing certain cross-cluster search queries when Document or Field Level Security is used, resulting in the search disclosing the existence of documents a user should not be able to view.