Elasticsearch
by Elastic
Standard maintenance is sufficient
Elasticsearch has low exploitation rates. Attackers rarely target this software's known vulnerabilities.
What to do
- Keep automatic updates enabled
- No urgent action needed
- Review periodically as part of normal maintenance
What Attackers Target
Vulnerabilities with high exploit probability
10.9%
Confirmed actively exploited (CISA)
2.2%
Public exploit code available
2.2%
Based on 46 known vulnerabilities. Percentages show the proportion that are actively dangerous — a low percentage means most vulnerabilities in this product are not being exploited.
Most Dangerous Vulnerabilities
| CVE | CVSS | Exploit Probability | Confirmed |
|---|---|---|---|
| CVE-2015-1427 | 9.8 | 92.3% | Yes |
| CVE-2021-22145 | 6.5 | 67.9% | — |
| CVE-2015-5377 | 9.8 | 39.9% | — |
| CVE-2023-31419 | 6.5 | 30.3% | — |
| CVE-2021-22146 | 7.5 | 29.9% | — |
| CVE-2022-23712 | 7.5 | 3.2% | — |
| CVE-2020-7009 | 8.8 | 1.8% | — |
| CVE-2019-7619 | 5.3 | 1.6% | — |
| CVE-2024-23444 | 4.9 | 1.2% | — |
| CVE-2024-43709 | 6.5 | 0.9% | — |
| CVE-2018-17244 | 6.5 | 0.9% | — |
| CVE-2023-31418 | 7.5 | 0.8% | — |
| CVE-2018-3831 | 8.8 | 0.8% | — |
| CVE-2024-23450 | 4.9 | 0.8% | — |
| CVE-2019-7611 | 8.1 | 0.7% | — |
| CVE-2023-49921 | 5.2 | 0.7% | — |
| CVE-2020-7014 | 8.8 | 0.5% | — |
| CVE-2023-46673 | 6.5 | 0.5% | — |
| CVE-2021-22132 | 4.8 | 0.4% | — |
| CVE-2018-3826 | 6.5 | 0.4% | — |
11
/ 100
low-risk
Active Threat
10/50 · Low
Exploit Availability
1/50 · Minimal
Score uses Wilson score intervals to account for sample size. Products with few CVEs are scored conservatively.