CVE-2023-31418 - OpenCVE

An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Elastic	Elasticsearch Elastic Cloud Enterprise

Configuration 1 [-]

OR	cpe:2.3:a:elastic:elasticsearch::::::::
	cpe:2.3:a:elastic:elasticsearch::::::::

Configuration 2 [-]

OR	cpe:2.3:a:elastic:elastic_cloud_enterprise::::::::
	cpe:2.3:a:elastic:elastic_cloud_enterprise:3.6.0:::::::*

References

Link	Resource
https://discuss.elastic.co/t/elasticsearch-8-9-0-7-17-13-security-update/343616	Vendor Advisory
https://security.netapp.com/advisory/ntap-20231130-0005/
https://www.elastic.co/community/security	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: elastic

Published: 2023-10-26T17:36:42.723Z

Updated: 2023-10-26T17:36:42.723Z

Reserved: 2023-04-27T18:54:56.704Z

Link: CVE-2023-31418

JSON object: View

NVD Information

Status : Modified

Published: 2023-10-26T18:15:08.587

Modified: 2023-11-30T22:15:07.810

Link: CVE-2023-31418

JSON object: View

Redhat Information

No data.

CWE

CWE-400

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-31418", "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "state": "PUBLISHED", "assignerShortName": "elastic", "dateReserved": "2023-04-27T18:54:56.704Z", "datePublished": "2023-10-26T17:36:42.723Z", "dateUpdated": "2023-10-26T17:36:42.723Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Elasticsearch", "vendor": "Elastic", "versions": [{"status": "affected", "version": "7.17.12"}, {"lessThan": "8.8.2", "status": "affected", "version": "8.0.0", "versionType": "semver"}, {"lessThan": "3.6.0", "status": "affected", "version": "2.13.3", "versionType": "semver"}]}], "datePublic": "2023-09-22T11:52:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild."}], "value": "An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "shortName": "elastic", "dateUpdated": "2023-10-26T17:36:42.723Z"}, "references": [{"url": "https://discuss.elastic.co/t/elasticsearch-8-9-0-7-17-13-security-update/343616"}, {"url": "https://www.elastic.co/community/security"}, {"url": "https://security.netapp.com/advisory/ntap-20231130-0005/"}], "source": {"discovery": "UNKNOWN"}, "title": "Elasticsearch uncontrolled resource consumption", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7782710-73A4-4698-872E-CD9FE4362872", "versionEndIncluding": "7.17.12", "vulnerable": true}, {"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*", "matchCriteriaId": "40A93493-7FF2-46D1-8855-40B7CA831C47", "versionEndIncluding": "8.8.2", "versionStartIncluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elastic:elastic_cloud_enterprise:*:*:*:*:*:*:*:*", "matchCriteriaId": "9311B386-FAD0-4DB8-A059-DAA46549F1D8", "versionEndIncluding": "2.13.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:elastic:elastic_cloud_enterprise:3.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "20740FCD-DA43-49EF-B2E9-C85DFD13881A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild."}, {"lang": "es", "value": "Se identific\u00f3 un problema con la forma en que Elasticsearch manej\u00f3 las solicitudes entrantes en la capa HTTP. Un usuario no autenticado podr\u00eda forzar la salida de un nodo de Elasticsearch con un error OutOfMemory enviando una cantidad moderada de solicitudes HTTP con formato incorrecto. El problema fue identificado por Elastic Engineering y no tenemos indicios de que se conozca o de que est\u00e9 siendo explotado en la naturaleza."}], "id": "CVE-2023-31418", "lastModified": "2023-11-30T22:15:07.810", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "bressers@elastic.co", "type": "Secondary"}]}, "published": "2023-10-26T18:15:08.587", "references": [{"source": "bressers@elastic.co", "tags": ["Vendor Advisory"], "url": "https://discuss.elastic.co/t/elasticsearch-8-9-0-7-17-13-security-update/343616"}, {"source": "bressers@elastic.co", "url": "https://security.netapp.com/advisory/ntap-20231130-0005/"}, {"source": "bressers@elastic.co", "tags": ["Vendor Advisory"], "url": "https://www.elastic.co/community/security"}], "sourceIdentifier": "bressers@elastic.co", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "bressers@elastic.co", "type": "Secondary"}]}