CVE-2023-46673 Vulnerability in maven package org.elasticsearch:elasticsearch

Description

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.

Remediation

References

https://discuss.elastic.co/t/elasticsearch-7-17-14-8-10-3-security-update-esa-2023-24/347708

https://www.elastic.co/community/security

Related Vulnerabilities

CVE-2022-23712 Vulnerability in maven package org.elasticsearch:elasticsearch

CVE-2012-0394 Vulnerability in maven package org.apache.struts:struts2-core

CVE-2021-37579 Vulnerability in maven package org.apache.dubbo:dubbo-common

CVE-2022-40955 Vulnerability in maven package org.apache.inlong:sort-connector-base

CVE-2018-11786 Vulnerability in maven package org.apache.karaf.shell:org.apache.karaf.shell.core

Severity

High

Classification

CWE-755 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H