CVE-2021-22145

MEDIUM NUCLEI

Elasticsearch < 7.13.3 - Information Disclosure

Title source: rule

Description

A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details.

Exploits (3)

exploitdb WORKING POC
by r0ny · python webapps multiple
https://www.exploit-db.com/exploits/50149
nomisec WORKING POC
by niceeeeeeee · poc
https://github.com/niceeeeeeee/CVE-2021-22145-poc
metasploit WORKING POC
by h00die, Eric Howard, R0NY · ruby poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/elasticsearch_memory_disclosure.rb

Nuclei Templates (1)

Elasticsearch 7.10.0-7.13.3 - Information Disclosure
MEDIUM by dhiyaneshDk
FOFA: index_not_found_exception

Scores

CVSS v3 6.5
EPSS 0.6793
EPSS Percentile 98.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-209 CWE-200
Status published
Products (3)
elastic/elasticsearch 7.10.0 - 7.13.3
oracle/communications_cloud_native_core_automated_test_suite 1.8.0
org.elasticsearch.client/elasticsearch-rest-client 7.10.0 - 7.13.4 Maven
Published Jul 21, 2021
Tracked Since Feb 18, 2026