cbcvebase.

Elastic Elasticsearch vulnerabilities

51 known vulnerabilities affecting elastic/elasticsearch.

Total CVEs
51
CISA KEV
2
actively exploited
Public exploits
6
Exploited in wild
4
Severity breakdown
CRITICAL2HIGH20MEDIUM27LOW2

Vulnerabilities

Page 2 of 3
CVE-2024-23444P3HIGHCVSS 7.5≥ 7.0.0, < 7.17.23≥ 8.0.0, < 8.13.0+2 more2024-07-31
CVE-2024-23444 [HIGH] CWE-311 CVE-2024-23444: It was discovered by Elastic engineering that when elasticsearch-certutil CLI tool is used with the It was discovered by Elastic engineering that when elasticsearch-certutil CLI tool is used with the csr option in order to create a new Certificate Signing Requests, the associated private key that is generated is stored on disk unencrypted even if the --pass parameter is passed in the command invocation.
nvd
CVE-2024-23445P3MEDIUMCVSS 6.5≥ 8.10.0, < 8.14.02024-06-12
CVE-2024-23445 [MEDIUM] CWE-922 CVE-2024-23445: It was identified that if a cross-cluster API key https://www.elastic.co/guide/en/elasticsearch/ref It was identified that if a cross-cluster API key https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body restricts search for a given index using the query or the field_security parameter, and the same cross-cluster API key also grants replicat
nvd
CVE-2024-12539P3MEDIUMCVSS 6.5≥ 8.16.0, < 8.16.2≥ 8.16.0, ≤ 8.16.12024-12-17
CVE-2024-12539 [MEDIUM] CWE-863 CVE-2024-12539: An issue was discovered where improper authorization controls affected certain queries that could al An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow.
nvd
CVE-2018-3827P3HIGHCVSS 8.1vbefore 6.3.02018-09-19
CVE-2018-3827 [HIGH] CWE-532 CVE-2018-3827: A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticse A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticsearch-cloud-azure) plugin. When the repository-azure plugin is set to log at TRACE level Azure credentials can be inadvertently logged.
nvd
CVE-2024-23450P3HIGHCVSS 7.5≥ 7.0.0, < 7.17.19≥ 8.0.0, < 8.13.02024-03-27
CVE-2024-23450 [HIGH] CWE-400 CVE-2024-23450: A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on a A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash.
nvd
CVE-2018-17244P3MEDIUMCVSS 6.5≥ 6.4.0, ≤ 6.4.2v6.4.0 to 6.4.22018-12-20
CVE-2018-17244 [MEDIUM] CWE-362 CVE-2018-17244: Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are appli Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; when used with run as, this can result in the request ru
nvd
CVE-2023-49921P3MEDIUMCVSS 6.5≥ 7.0.0, < 7.17.16≥ 8.0.0, < 8.11.22024-07-26
CVE-2023-49921 [MEDIUM] CWE-532 CVE-2023-49921: An issue was discovered by Elastic whereby Watcher search input logged the search query results on D An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessive logging. This issue only affects users that use Wat
nvd
CVE-2024-52979P3HIGHCVSS 7.5fixed in 7.17.25≥ 8.0.0, < 8.16.0+1 more2025-05-01
CVE-2024-52979 [HIGH] CWE-400 CVE-2024-52979: Uncontrolled Resource Consumption in Elasticsearch while evaluating specifically crafted search temp Uncontrolled Resource Consumption in Elasticsearch while evaluating specifically crafted search templates with Mustache functions can lead to Denial of Service by causing the Elasticsearch node to crash.
nvd
CVE-2024-52981P3HIGHCVSS 7.5≥ 7.17.0, < 7.17.24≥ 8.0.0, < 8.15.1+2 more2025-04-08
CVE-2024-52981 [HIGH] CWE-400 CVE-2024-52981: An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow.
nvd
CVE-2020-7019P3MEDIUMCVSS 6.5fixed in 6.8.12≥ 7.0.0, < 7.9.0+1 more2020-08-18
CVE-2020-7019 [MEDIUM] CWE-270 CVE-2020-7019: In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should be hidden. This could result in an attacker gaining additional permissions against a restricted in
nvd
CVE-2021-22144P4MEDIUMCVSS 6.5fixed in 6.8.17≥ 7.0.0, < 7.13.32021-07-26
CVE-2021-22144 [MEDIUM] CWE-674 CVE-2021-22144: In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that coul In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.
nvd
CVE-2018-17247P4MEDIUMCVSS 5.9v6.5.0v6.5.1+1 more2018-12-20
CVE-2018-17247 [MEDIUM] CWE-611 CVE-2018-17247: Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's find_file_ Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's find_file_structure API. If a policy allowing external network access has been added to Elasticsearch's Java Security Manager then an attacker could send a specially crafted request capable of leaking content of local files on the Elasticsearch node. This could
nvd
CVE-2021-22147P4MEDIUMCVSS 6.5≥ 7.11.0, < 7.14.0vversions 7.11.0 to 7.13.42021-09-15
CVE-2021-22147 [MEDIUM] CWE-732 CVE-2021-22147: Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view.
nvd
CVE-2018-3826P4MEDIUMCVSS 6.5≥ 6.0.0, ≤ 6.2.4v6.0.0+1 more2018-09-19
CVE-2018-3826 [MEDIUM] CWE-200 CVE-2018-3826: In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API. Whe In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API. When the access_key and security_key parameters are set using the _snapshot API they can be exposed as plain text by users able to query the _snapshot API.
nvd
CVE-2024-52980P4MEDIUMCVSS 6.5≥ 7.17.0, < 8.15.1≥ 7.17.0, ≤ 8.15.02025-04-08
CVE-2024-52980 [MEDIUM] CWE-400 CVE-2024-52980: A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferen A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them.
nvd
CVE-2019-7619P4MEDIUMCVSS 5.3≥ 6.7.0, ≤ 6.8.3≥ 7.0.0, ≤ 7.3.2+1 more2019-10-30
CVE-2019-7619 [MEDIUM] CWE-200 CVE-2019-7619: Elasticsearch versions 7.0.0-7.3.2 and 6.7.0-6.8.3 contain a username disclosure flaw was found in t Elasticsearch versions 7.0.0-7.3.2 and 6.7.0-6.8.3 contain a username disclosure flaw was found in the API Key service. An unauthenticated attacker could send a specially crafted request and determine if a username exists in the Elasticsearch native realm.
nvd
CVE-2025-68384P4MEDIUMCVSS 6.5≥ 7.0.0, ≤ 7.17.29≥ 8.0.0, < 8.19.9+5 more2025-12-18
CVE-2025-68384 [MEDIUM] CWE-770 CVE-2025-68384: Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow a low-priv Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) causing a persistent denial of service (OOM crash) via submission of oversized user settings data.
nvd
CVE-2019-7614P4MEDIUMCVSS 5.9fixed in 6.8.2≥ 7.0.0, < 7.2.1+1 more2019-07-30
CVE-2019-7614 [MEDIUM] CWE-362 CVE-2019-7614: A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8. A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8.2 returns to a request. On a system with multiple users submitting requests, it could be possible for an attacker to gain access to response header containing sensitive data from another user.
nvd
CVE-2025-37727P4MEDIUMCVSS 5.7≥ 7.0.0, ≤ 7.17.29≥ 8.0.0, < 8.18.8+7 more2025-10-10
CVE-2025-37727 [MEDIUM] CWE-532 CVE-2025-37727: Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex
nvd
CVE-2024-23449P4MEDIUMCVSS 5.3≥ 8.4.0, < 8.11.12024-03-29
CVE-2024-23449 [MEDIUM] CWE-248 CVE-2024-23449: An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypted PDF files.
nvd
Elastic Elasticsearch vulnerabilities | cvebase