GitHub Advisory Database: GHSA-PW39-F3M5-CXFC
Mar 29, 2024 - 12:30 p.m.

Elasticsearch Uncaught Exception leading to crash

2024-03-29 12:30:42
CWE-248
GitHub Advisory Database (github.com)
Tags: elasticsearch, uncaught exception, encrypted pdf, rest api, crash, ingest node, parse, software

CVSS3: 4.3 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: LOW
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

AI Score: 7 High (Confidence: Low)
EPSS: 0.0004 Low (Percentile: 9.1%)

An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypted PDF files.

Affected configurations

Vulners
Node
org.elasticsearch\Matchelasticsearch
