Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2021-59131
HistoryJul 12, 2021 - 12:00 a.m.

Elasticsearch Resource Management Error Vulnerability

2021-07-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
10

0.001 Low

EPSS

Percentile

49.6%

Elasticsearch is a set of open source distributed RESTful search engine built on Lucene from the Dutch company Elasticsearch. The product is mainly used in cloud computing and supports data indexing using JSON over HTTP.Elasticsearch has a resource management error vulnerability that stems from Grok queries triggering an overload in Elasticsearch, which could be exploited by an attacker to trigger a denial of service.