CVE-2023-31418

moderate-risk
Published 2023-10-26

An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild.

Do I need to act?

-
0.83% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (3)

Elastic Cloud Enterprise
Elastic Cloud Enterprise

Affected Vendors

Elastic

References (6)

Vendor Advisory https://discuss.elastic.co/t/elasticsearch-8-9-0-7-17-13-security-update/343616
https://security.netapp.com/advisory/ntap-20231130-0005/
Vendor Advisory https://www.elastic.co/community/security
Vendor Advisory https://discuss.elastic.co/t/elasticsearch-8-9-0-7-17-13-security-update/343616
https://security.netapp.com/advisory/ntap-20231130-0005/
Vendor Advisory https://www.elastic.co/community/security
38
/ 100
moderate-risk
Severity 26/34 · High
Exploitability 3/34 · Minimal
Exposure 9/34 · Low