CVE-2021-22145

A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details.

CVSS v3 6.5 MEDIUM
CVSS v2.0 4.0 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html	Exploit Third Party Advisory VDB Entry
https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177	Vendor Advisory
https://security.netapp.com/advisory/ntap-20210827-0006/	Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html	Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-07-21 15:15

Updated : 2024-02-28 18:28

NVD link : CVE-2021-22145

Mitre link : CVE-2021-22145

CVE.ORG link : CVE-2021-22145

JSON object : View

Products Affected

oracle

communications_cloud_native_core_automated_test_suite

elastic

elasticsearch

CWE

CWE-209

Generation of Error Message Containing Sensitive Information

{"id": "CVE-2021-22145", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2021-07-21T15:15:14.063", "references": [{"url": "http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "bressers@elastic.co"}, {"url": "https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177", "tags": ["Vendor Advisory"], "source": "bressers@elastic.co"}, {"url": "https://security.netapp.com/advisory/ntap-20210827-0006/", "tags": ["Third Party Advisory"], "source": "bressers@elastic.co"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "bressers@elastic.co"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-209"}]}], "descriptions": [{"lang": "en", "value": "A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad de divulgaci\u00f3n de memoria en los informes de errores de Elasticsearch versiones 7.10.0 hasta 7.13.3. Un usuario con la habilidad de enviar consultas arbitrarias a Elasticsearch podr\u00eda enviar una consulta malformada que resultar\u00eda en un mensaje de error devuelto conteniendo porciones previamente usadas de un buffer de datos. Este b\u00fafer podr\u00eda contener informaci\u00f3n confidencial, como documentos de Elasticsearch o detalles de autenticaci\u00f3n"}], "lastModified": "2022-05-10T15:25:28.387", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A9AF155-3C17-4B67-8FD2-A6058E7BF987", "versionEndIncluding": "7.13.3", "versionStartIncluding": "7.10.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98FB24DB-AF91-48D0-9CA5-C8250D183FD5"}], "operator": "OR"}]}], "sourceIdentifier": "bressers@elastic.co"}