CVE-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*
cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*

History

30 Nov 2023, 20:22

Type Values Removed Values Added
References () https://www.elastic.co/community/security - () https://www.elastic.co/community/security - Vendor Advisory
References () https://discuss.elastic.co/t/elasticsearch-7-17-14-8-10-3-security-update-esa-2023-24/347708 - () https://discuss.elastic.co/t/elasticsearch-7-17-14-8-10-3-security-update-esa-2023-24/347708 - Vendor Advisory
CWE CWE-755
CPE cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

22 Nov 2023, 13:56

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-22 10:15

Updated : 2024-02-05 00:22


NVD link : CVE-2023-46673

Mitre link : CVE-2023-46673

CVE.ORG link : CVE-2023-46673


JSON object : View

Products Affected

elastic

  • elasticsearch
CWE
CWE-755

Improper Handling of Exceptional Conditions