High severity7.1NVD Advisory· Published May 6, 2021· Updated Jun 17, 2026
CVE-2021-31828
CVE-2021-31828
Description
An SSRF issue in Open Distro for Elasticsearch (ODFE) before 1.13.1.0 allows an existing privileged user to enumerate listening services or interact with configured resources via HTTP requests exceeding the Alerting plugin's intended scope.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Open Distro for Elasticsearch/Open Distro for Elasticsearchdescription
- Range: <1.13.1.0
Patches
Vulnerability mechanics
References
3- github.com/opendistro-for-elasticsearch/alerting/pull/353nvdPatchThird Party Advisory
- opendistro.github.io/for-elasticsearch-docs/version-history/nvdRelease NotesThird Party Advisory
- rotem-bar.com/ssrf-in-open-distro-for-elasticsearch-cve-2021-31828nvdThird Party Advisory
News mentions
0No linked articles in our index yet.