Lucene search
China National Vulnerability DatabaseCNVD-2021-59131HistoryJul 12, 2021 - 12:00 a.m.
Elasticsearch Resource Management Error Vulnerability
2021-07-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
0.001 Low
EPSS
Percentile
49.6%
Elasticsearch is a set of open source distributed RESTful search engine built on Lucene from the Dutch company Elasticsearch. The product is mainly used in cloud computing and supports data indexing using JSON over HTTP.Elasticsearch has a resource management error vulnerability that stems from Grok queries triggering an overload in Elasticsearch, which could be exploited by an attacker to trigger a denial of service.
| CPE | Name | Operator | Version |
|---|---|---|---|
| elasticsearch elasticsearch | lt | 7.13.3 | |
| elasticsearch elasticsearch | lt | 6.8.17 |
Related
redhatcve
redhatcve
CVE-2021-22144
2021-07-29 13:19:55
osv
osv
Denial of Service in Elasticsearch
2021-08-09 20:41:17
BIT-elasticsearch-2021-22144
2024-03-06 10:53:22
CVE-2021-22144
2021-07-26 12:15:08
cbl_mariner
cbl_mariner
CVE-2021-22144 affecting package rubygem-elasticsearch 7.6.0-1
2022-05-26 19:04:38
ibm
ibm
nvd
nvd
CVE-2021-22144
2021-07-26 12:15:08
cve
cve
CVE-2021-22144
2021-07-26 12:15:08
prion
prion
Design/Logic Flaw
2021-07-26 12:15:00
veracode
veracode
Denial Of Service
2021-08-11 05:42:06
cvelist
cvelist
CVE-2021-22144
2021-07-26 11:48:40
openvas
openvas
Elastic Elasticsearch DoS Vulnerability (ESA-2021-15)
2021-07-27 00:00:00
github
github
Denial of Service in Elasticsearch
2021-08-09 20:41:17
ubuntucve
ubuntucve
CVE-2021-22144
2021-07-26 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00