VYPR
Moderate severityNVD Advisory· Published Jul 26, 2021· Updated Aug 3, 2024

CVE-2021-22144

CVE-2021-22144

Description

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.elasticsearch:elasticsearchMaven
< 6.8.176.8.17
org.elasticsearch:elasticsearchMaven
>= 7.0.0-alpha1, < 7.13.37.13.3

Affected products

3

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.