CVE-2023-46673
Crash vulnerability in elasticsearch (Maven)
What is CVE-2023-46673 About?
This vulnerability involves malformed scripts in an Ingest Pipeline's script processor which can crash an Elasticsearch node. Successful exploitation leads to a denial of service for the node, and it is relatively easy to trigger by interacting with the Simulate Pipeline API.
Affected Software
- org.elasticsearch:elasticsearch
- >7.0.0, <7.17.14
- >8.0.0, <8.10.3
Technical Details
The vulnerability arises from malformed scripts processed within the Ingest Pipeline component of Elasticsearch. When such a crafted script is evaluated by the script processor through a call to the Simulate Pipeline API, it triggers an unhandled condition or error that abruptly terminates the Elasticsearch node. This points to insufficient error handling or input validation in the script execution environment when it is driven by the simulation functionality.
What is the Impact of CVE-2023-46673?
Successful exploitation may allow attackers to cause a denial of service, leading to system unavailability and disruption of services provided by the affected node.
What is the Exploitability of CVE-2023-46673?
Exploitation of this vulnerability appears to be of moderate complexity, requiring knowledge of Elasticsearch's Ingest Pipeline and its API. There are no explicit authentication requirements mentioned, but interaction with the Simulate Pipeline API suggests that some level of access to the Elasticsearch instance, or credentials for API interaction, might be necessary. It is likely a remote attack, as the API is typically exposed for remote management. The primary constraint is crafting a 'malformed' script that specifically triggers the crash mechanism without causing an immediate error during submission. The risk factors for exploitation include insufficient input validation on script content and accessible Simulate Pipeline APIs.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2023-46673?
Available Upgrade Options
- org.elasticsearch:elasticsearch
- >7.0.0, <7.17.14 → Upgrade to 7.17.14
- org.elasticsearch:elasticsearch
- >8.0.0, <8.10.3 → Upgrade to 8.10.3
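To apply the ranges above across a fleet, the following added example (not code from Elastic or from this page's publisher) checks each node's reported version against the affected ranges and returns the upgrade target. It assumes the inventory holds the JSON body each node returns from `GET /`, which carries the version in `version.number`; the node names and sample responses are constructed.

```python
import json
import re

# Ranges exactly as listed on this page:
# (exclusive lower bound, exclusive upper bound, which is also the fixed release).
AFFECTED_RANGES = [
    ((7, 0, 0), (7, 17, 14)),
    ((8, 0, 0), (8, 10, 3)),
]

def parse_version(text):
    """Return (major, minor, patch); a suffix such as '-SNAPSHOT' is ignored."""
    m = re.match(r"^\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p) for p in m.groups())

def fixed_release_for(version_text):
    """Return the upgrade target if the version is in an affected range, else None."""
    v = parse_version(version_text)
    for lower, fixed in AFFECTED_RANGES:
        if lower < v < fixed:  # numeric tuple comparison, so 8.9.x sorts before 8.10.x
            return ".".join(map(str, fixed))
    return None

def audit_inventory(inventory):
    """Map node name -> (version, upgrade target) for every affected node."""
    findings = {}
    for name, root_response in inventory.items():
        number = json.loads(root_response)["version"]["number"]
        target = fixed_release_for(number)
        if target:
            findings[name] = (number, target)
    return findings

# Constructed sample data: trimmed `GET /` response bodies, one per node.
SAMPLE_INVENTORY = {
    "es-logs-01": '{"name":"es-logs-01","version":{"number":"7.17.13"}}',
    "es-logs-02": '{"name":"es-logs-02","version":{"number":"7.17.14"}}',
    "es-search-01": '{"name":"es-search-01","version":{"number":"8.9.2"}}',
    "es-search-02": '{"name":"es-search-02","version":{"number":"8.10.3"}}',
}

if __name__ == "__main__":
    for node, (ver, target) in sorted(audit_inventory(SAMPLE_INVENTORY).items()):
        print(f"{node}: {ver} is affected, upgrade to {target}")
```

Comparing versions as integer tuples matters here: a plain string comparison would sort `8.9.2` after `8.10.3` and report that node as unaffected.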
Additional Resources
- https://nvd.nist.gov/vuln/detail/CVE-2023-46673
- https://discuss.elastic.co/t/elasticsearch-7-17-14-8-10-3-security-update-esa-2023-24/347708
- https://www.elastic.co/community/security
- https://github.com/elastic/elasticsearch
- https://osv.dev/vulnerability/GHSA-285m-vhfq-xx4h
What are Similar Vulnerabilities to CVE-2023-46673?
Similar Vulnerabilities: CVE-2022-23749, CVE-2021-39148, CVE-2020-7013, CVE-2018-1000632, CVE-2017-7667
