High severityNVD Advisory· Published Jun 6, 2022· Updated Aug 3, 2024
CVE-2022-23712
CVE-2022-23712
Description
A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.elasticsearch:elasticsearchMaven | >= 8.0.0, < 8.2.1 | 8.2.1 |
Affected products
3- osv-coords2 versions
>= 8.0.0, < 8.2.1+ 1 more
- (no CPE)range: >= 8.0.0, < 8.2.1
- (no CPE)range: >= 8.0.0, < 8.2.1
- Range: versions 8.0.0 through 8.2.0
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-wh6w-69xc-5rq5ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-23712ghsaADVISORY
- discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530ghsax_refsource_MISCWEB
- security.netapp.com/advisory/ntap-20220707-0010ghsaWEB
- security.netapp.com/advisory/ntap-20220707-0010/mitrex_refsource_CONFIRM
- www.elastic.co/community/securityghsaWEB
- www.elastic.co/community/security/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.