CVE-2024-43709
Allocation of Resources Without Limits or Throttling vulnerability in elasticsearch (Maven)
What is CVE-2024-43709 About?
Elasticsearch is vulnerable to an OutOfMemoryError exception when processing specially crafted SQL queries, leading to a crash. This allocation of resources without limits or throttling can result in a denial of service. Exploitation requires crafting specific SQL functions and is moderately difficult.
Affected Software
- org.elasticsearch:elasticsearch
  - <7.17.21
  - >8.0.0, <8.13.3
Technical Details
The vulnerability in Elasticsearch arises from an improper handling of resource allocation when processing SQL queries, specifically through certain SQL functions. An attacker can construct a specially crafted SQL query that, when executed, causes Elasticsearch to allocate an excessive amount of memory without proper limits or throttling. This uncontrolled allocation eventually leads to an OutOfMemoryError exception, which in turn causes the Elasticsearch node to crash. The lack of resource governance for these kinds of SQL operations is the root cause allowing the denial of service.
What is the Impact of CVE-2024-43709?
Successful exploitation may allow attackers to trigger an OutOfMemoryError, causing Elasticsearch nodes to crash and resulting in a denial of service that impacts data availability and search functionality.
What is the Exploitability of CVE-2024-43709?
Exploitation involves sending a specially crafted SQL query to a vulnerable Elasticsearch instance. The complexity is moderate, requiring knowledge of Elasticsearch's SQL query syntax and an understanding of which functions or constructs are prone to excessive resource allocation. Authentication is likely required, as typically only authenticated users or internal services have access to submit SQL queries to Elasticsearch. This is a remote vulnerability. The critical constraint is the attacker's ability to submit SQL queries to the target Elasticsearch cluster. The absence of proper resource limits or circuit breakers on SQL query processing increases the likelihood of a successful DoS.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2024-43709?
Available Upgrade Options
- org.elasticsearch:elasticsearch
  - <7.17.21 → Upgrade to 7.17.21
  - >8.0.0, <8.13.3 → Upgrade to 8.13.3
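Added example, not part of this advisory or of the Elasticsearch project: a Python check that reads org.elasticsearch:elasticsearch pins from a Maven POM and compares them against the affected ranges listed above. The POM content is constructed for the demonstration; the ranges are taken exactly as this page states them.

```python
import re
import xml.etree.ElementTree as ET

# Affected ranges exactly as this page lists them:
# (exclusive lower bound or None, exclusive upper bound, version to upgrade to).
AFFECTED_RANGES = [
    (None, (7, 17, 21), "7.17.21"),
    ((8, 0, 0), (8, 13, 3), "8.13.3"),
]
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:[-+].*)?$")

def parse_version(text):
    """Turn 'X.Y.Z' (optional -qualifier/+build suffix) into an int tuple."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Elasticsearch version: {text!r}")
    return tuple(int(p) for p in m.groups())

def affected_by_cve_2024_43709(version):
    """Return the upgrade target if `version` is in an affected range, else None."""
    v = parse_version(version)
    for lower, upper, fix in AFFECTED_RANGES:
        if (lower is None or v > lower) and v < upper:
            return fix
    return None

def triage_pom(pom_xml):
    """List (version, fix) for each affected org.elasticsearch:elasticsearch
    dependency in a POM; versions that cannot be parsed (e.g. a ${property})
    are reported as 'unresolved' rather than silently skipped."""
    root = ET.fromstring(pom_xml)
    findings = []
    for dep in root.iterfind(".//{*}dependency"):  # {*} = any namespace (3.8+)
        if (dep.findtext("{*}groupId") != "org.elasticsearch"
                or dep.findtext("{*}artifactId") != "elasticsearch"):
            continue
        ver = (dep.findtext("{*}version") or "").strip()
        try:
            fix = affected_by_cve_2024_43709(ver)
        except ValueError:
            fix = "unresolved"
        if fix:
            findings.append((ver, fix))
    return findings

# Constructed sample POM (not from the page): one affected pin, one fixed pin.
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0"><dependencies>
  <dependency><groupId>org.elasticsearch</groupId>
    <artifactId>elasticsearch</artifactId><version>8.12.2</version></dependency>
  <dependency><groupId>org.elasticsearch</groupId>
    <artifactId>elasticsearch</artifactId><version>7.17.21</version></dependency>
</dependencies></project>"""

if __name__ == "__main__":
    print(triage_pom(SAMPLE_POM))  # [('8.12.2', '8.13.3')]
```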
Additional Resources
- https://security.netapp.com/advisory/ntap-20250221-0007
- https://osv.dev/vulnerability/GHSA-jgx4-7v3v-vwfm
- https://discuss.elastic.co/t/elasticsearch-7-17-21-and-8-13-3-security-update-esa-2024-25/373442
- https://nvd.nist.gov/vuln/detail/CVE-2024-43709
- https://github.com/elastic/elasticsearch
What are Similar Vulnerabilities to CVE-2024-43709?
Similar Vulnerabilities: CVE-2023-38545, CVE-2023-28432, CVE-2022-24434, CVE-2021-23358, CVE-2020-8174
