Lucene search
PRIOn knowledge basePRION:CVE-2021-22144HistoryJul 26, 2021 - 12:15 p.m.
Design/Logic Flaw
2021-07-2612:15:00
PRIOn knowledge base
www.prio-n.com
13
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.
| CPE | Name | Operator | Version |
|---|---|---|---|
| elasticsearch | lt | 6.8.17 | |
| elasticsearch | ge | 7.0.0 | |
| elasticsearch | lt | 7.13.3 | |
| communications_cloud_native_core_automated_test_suite | eq | 1.8.0 |
Related
github
github
Denial of Service in Elasticsearch
2021-08-09 20:41:17
openvas
openvas
Elastic Elasticsearch DoS Vulnerability (ESA-2021-15)
2021-07-27 00:00:00
nvd
nvd
CVE-2021-22144
2021-07-26 12:15:08
ibm
ibm
cve
cve
CVE-2021-22144
2021-07-26 12:15:08
osv
osv
BIT-elasticsearch-2021-22144
2024-03-06 10:53:22
CVE-2021-22144
2021-07-26 12:15:08
Denial of Service in Elasticsearch
2021-08-09 20:41:17
cvelist
cvelist
CVE-2021-22144
2021-07-26 11:48:40
veracode
veracode
Denial Of Service
2021-08-11 05:42:06
cnvd
cnvd
Elasticsearch Resource Management Error Vulnerability
2021-07-12 00:00:00
ubuntucve
ubuntucve
CVE-2021-22144
2021-07-26 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-22144 affecting package rubygem-elasticsearch 7.6.0-1
2022-05-26 19:04:38
redhatcve
redhatcve
CVE-2021-22144
2021-07-29 13:19:55
oracle
oracle
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00