CVE-2021-22144
published 2021-07-26CVE-2021-22144: In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the…
PriorityP434medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
EPSS
1.66%
73.7th percentile
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | elasticsearch | < 6.8.17 | 6.8.17 |
| elastic | elasticsearch | >= 7.0.0 < 7.13.3 | 7.13.3 |
| msrc | cm1_rubygem-elasticsearch_8.2.0-1_on_cbl_mariner_1.0 | — | — |
| oracle | communications_cloud_native_core_automated_test_suite | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:N/I:N/A:P
osv6.5MEDIUM
vendor_msrc6.5MEDIUM
vendor_oracle6.5MEDIUM
vendor_redhat6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Oracle
Oracle Oracle PeopleSoft Risk Matrix: Elastic Search (Grok Parser) — CVE-2021-22144
vendor_oracle·2022-10-15·CVSS 6.5
CVE-2021-22144 [MEDIUM] Oracle Oracle PeopleSoft Risk Matrix: Elastic Search (Grok Parser) — CVE-2021-22144
Oracle Oracle PeopleSoft Risk Matrix: Elastic Search (Grok Parser) vulnerability
CVE: CVE-2021-22144
CVSS: 6.5
Protocol: HTTP
Remote exploit: No
Affected versions: Network
Advisory: cpuoct2022 (OCT 2022)
Microsoft
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with th
vendor_msrc·2021-07-13·CVSS 6.5
CVE-2021-22144 [MEDIUM] CWE-674 In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with th
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSA
Red Hat
elasticsearch: uncontrolled recursion in Grok parser
vendor_redhat·2021-07-07·CVSS 6.5
CVE-2021-22144 [MEDIUM] CWE-674 elasticsearch: uncontrolled recursion in Grok parser
elasticsearch: uncontrolled recursion in Grok parser
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.
A flaw was found in Elasticsearch. An uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. This flaw allows a user who can submit arbitrary queries to Elasticsearch to create a malicious Grok query that crashes the Elasticsearch node. The highest threat from this vulnerability is to system availability.
Statement: OpenShift Containe
OSV
Denial of Service in Elasticsearch
osv·2021-08-09
CVE-2021-22144 [MEDIUM] Denial of Service in Elasticsearch
Denial of Service in Elasticsearch
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.
GHSA
Denial of Service in Elasticsearch
ghsa·2021-08-09
CVE-2021-22144 [MEDIUM] CWE-674 Denial of Service in Elasticsearch
Denial of Service in Elasticsearch
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.
OSV
CVE-2021-22144: In Elasticsearch versions before 7
osv·2021-07-26·CVSS 6.5
CVE-2021-22144 [MEDIUM] CVE-2021-22144: In Elasticsearch versions before 7
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.
No detection rules found.
No public exploits indexed.
https://discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100https://security.netapp.com/advisory/ntap-20210827-0006/https://www.oracle.com/security-alerts/cpuapr2022.htmlhttps://discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100https://security.netapp.com/advisory/ntap-20210827-0006/https://www.oracle.com/security-alerts/cpuapr2022.html
2021-07-26
Published