CVE-2023-31418

HIGH IN THE WILD

Elasticsearch < 7.17.13 - Unauthenticated Denial of Service via Malformed HTTP Requests

Title source: llm

Exploitation Summary

CVE-2023-31418 has been observed exploited in the wild (reported by InTheWild.io).

Description

An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild.

References (3)

Core 3

Core References

Vendor Advisory

https://discuss.elastic.co/t/elasticsearch-8-9-0-7-17-13-security-update/343616

Vendor Advisory

https://www.elastic.co/community/security

Vendor Advisory

https://security.netapp.com/advisory/ntap-20231130-0005/

Scores

CVSS v3 7.5

EPSS 0.0092

EPSS Percentile 76.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

InTheWild.io 2023-10-26

CWE

CWE-400

Status published

Products (4)

elastic/elastic_cloud_enterprise 3.6.0

elastic/elastic_cloud_enterprise < 2.13.3

elastic/elasticsearch < 7.17.12

org.elasticsearch/elasticsearch 0 - 7.17.13Maven

Published Oct 26, 2023

Tracked Since Feb 18, 2026