Published: 26/10/2023 Updated: 01/02/2024

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

A flaw exists in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
elastic elasticsearch

DescriptionA flaw was found in Elasticsearch This issue affects the _search API that allowed a specially crafted query string to cause a stack overflow and, ultimately, a denial of serviceA flaw was found in Elasticsearch This issue affects the _search API that allowed a specially crafted query string to cause a stack overflow and, ultima ...

Elasticsearch version 853 stack overflow proof of concept exploit ...

Elasticsearch Stack Overflow Vulnerability

Elasticsearch StackOverflow vulnerability A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service Affected Versions: Elasticsearch versions from 700 to 71712 and from 800 to 890 Solutions and Mitigations: The issue is resolved in Elasticsearch 71713 an

Elasticsearch DoS CVE-2023-31419 exploit

Elasticsearch CVE 2023-31419 PoC

CWE-787 https://www.elastic.co/community/security https://discuss.elastic.co/t/elasticsearch-8-9-1-7-17-13-security-update/343297 https://security.netapp.com/advisory/ntap-20231116-0010/https://nvd.nist.gov https://github.com/sqrtZeroKnowledge/Elasticsearch-Exploit-CVE-2023-31419 https://packetstormsecurity.com/files/174807/Elasticsearch-8.5.3-Stack-Overflow.html https://access.redhat.com/security/cve/cve-2023-31419

CVE-2023-31419

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect