Lucene search

K
cvelistElasticCVELIST:CVE-2021-22144
HistoryJul 26, 2021 - 11:48 a.m.

CVE-2021-22144

2021-07-2611:48:40
elastic
www.cve.org

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.6%

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.6%