CVE-2024-23449
Published 2024-03-29
Priority P4 · 28 · medium · 5.3 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS: 0.68% (47.8th percentile)
An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypted PDF files.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | elasticsearch | >= 8.4.0 < 8.11.1 | 8.11.1 |
CVSS provenance
nvd · v3.1 · 5.3 · MEDIUM · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
osv · 5.3 · MEDIUM
vendor_redhat · 4.3 · MEDIUM
Red Hat
elasticsearch: uncaught exception leads to crash
vendor_redhat·2024-03-29·CVSS 4.3
CVE-2024-23449 [MEDIUM] CWE-248 elasticsearch: uncaught exception leads to crash
A flaw was found in the Elasticsearch package. An uncaught exception occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypted PDF files.
Mitigation: This CVE requires the attachment processor to be enabled. Users unable to upgrade can ensure that the
OSV
CVE-2024-23449: An uncaught exception in Elasticsearch >= 8
osv·2024-03-29·CVSS 5.3
CVE-2024-23449 [MEDIUM] CVE-2024-23449: An uncaught exception in Elasticsearch >= 8
OSV
Elasticsearch Uncaught Exception leading to crash
osv·2024-03-29
CVE-2024-23449 [MEDIUM] Elasticsearch Uncaught Exception leading to crash
GHSA
Elasticsearch Uncaught Exception leading to crash
ghsa·2024-03-29
CVE-2024-23449 [MEDIUM] CWE-248 Elasticsearch Uncaught Exception leading to crash
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-03-29
Published