ID:9372 - Exploit for Stack-based buffer overflow in Elasticsearch - CVE-2023-31419

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:9372 - Exploit for Stack-based buffer overflow in Elasticsearch - CVE-2023-31419

ID:9372 - Exploit for Stack-based buffer overflow in Elasticsearch - CVE-2023-31419

Published: October 7, 2023


Vulnerability identifier: #VU80874
Vulnerability risk: Medium
CVE-ID: CVE-2023-31419
CWE-ID: CWE-121
Exploitation vector: Remote access
Vulnerable software:
Elasticsearch

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the _search API. A remote attacker can pass specially crafted data to the application, trigger a stack buffer overflow and perform a denial of service (DoS) attack.


Remediation

Install updates from vendor's website.