A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an…
elastic·CWE-754·Published 2022-06-06
A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request.
A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request.
A Denial of Service flaw was discovered in Elasticsearch 8.0.0 through 8.2.0. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request. Version 8.2.1 contains a patch.
A Denial of Service flaw was discovered in Elasticsearch 8.0.0 through 8.2.0. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request. Version 8.2.1 contains a patch.
Se ha detectado un fallo de Denegación de Servicio en Elasticsearch. Usando esta vulnerabilidad, un atacante no autenticado podría cerrar por la fuerza un nodo de Elasticsearch con una petición de red con un formato específico
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 5.0 | 10.0 | 2.9 | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| 3.1 | Primary | NVD | 7.5 | 3.9 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| 3.1 | Secondary | GHSA | 7.5 | — | — | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |