Denial Of Service

2021-08-1105:42:06

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

241

0.001 Low

EPSS

Percentile

49.6%

elasticsearchis vulnerable to Denial Of Service. The vulnerability exists due to an uncontrolled recursion in the Grok parser.

CPENameOperatorVersion
serverle7.13.2
serverle6.8.16
serverle7.13.2
serverle6.8.16

Name	Operator	Version
server	le	7.13.2
server	le	6.8.16
server	le	7.13.2
server	le	6.8.16

References

discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100

github.com/advisories/GHSA-3393-hvrj-w7v3

security.netapp.com/advisory/ntap-20210827-0006/

www.oracle.com/security-alerts/cpuapr2022.html

0.001 Low

EPSS

Percentile

49.6%

Related for VERACODE:31557