cvelistv5 - cve-2024-52980

CVE-2024-52980 (GCVE-0-2024-52980)

Vulnerability from cvelistv5

Published

2025-04-08 16:43

Modified

2025-04-08 19:59

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Summary

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them.

References

►

URL

Tags

bressers@elastic.co

https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919

Impacted products

	Vendor	Product	Version
	Elastic	Elasticsearch	Version: 7.17.0 ≤ 8.15.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-52980",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-08T19:59:32.130694Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-08T19:59:43.764Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Elasticsearch",
          "vendor": "Elastic",
          "versions": [
            {
              "lessThanOrEqual": "8.15.0",
              "status": "affected",
              "version": "7.17.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash.\u003c/p\u003e\u003cp\u003eA successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them.\u003c/p\u003e\u003cbr\u003e"
            }
          ],
          "value": "A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash.\n\nA successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-08T16:43:41.103Z",
        "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "shortName": "elastic"
      },
      "references": [
        {
          "url": "https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Elasticsearch Uncontrolled Resource Consumption vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
    "assignerShortName": "elastic",
    "cveId": "CVE-2024-52980",
    "datePublished": "2025-04-08T16:43:41.103Z",
    "dateReserved": "2024-11-18T14:48:22.454Z",
    "dateUpdated": "2025-04-08T19:59:43.764Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-52980\",\"sourceIdentifier\":\"bressers@elastic.co\",\"published\":\"2025-04-08T17:15:34.880\",\"lastModified\":\"2025-04-08T18:13:53.347\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash.\\n\\nA successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 una falla en Elasticsearch. Una recursi\u00f3n extensa con la funci\u00f3n innerForbidCircularReferences de la clase PatternBank pod\u00eda provocar el bloqueo del nodo Elasticsearch. Para que el ataque tenga \u00e9xito, se requiere que un usuario malintencionado tenga asignado el privilegio read_pipeline del cl\u00faster de Elasticsearch.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"bressers@elastic.co\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"bressers@elastic.co\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"references\":[{\"url\":\"https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919\",\"source\":\"bressers@elastic.co\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-52980\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-08T19:59:32.130694Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-08T19:59:37.882Z\"}}], \"cna\": {\"title\": \"Elasticsearch Uncontrolled Resource Consumption vulnerability\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Elastic\", \"product\": \"Elasticsearch\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.17.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.15.0\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash.\\n\\nA successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eA flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash.\u003c/p\u003e\u003cp\u003eA successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them.\u003c/p\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"271b6943-45a9-4f3a-ab4e-976f3fa05b5a\", \"shortName\": \"elastic\", \"dateUpdated\": \"2025-04-08T16:43:41.103Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-52980\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-08T19:59:43.764Z\", \"dateReserved\": \"2024-11-18T14:48:22.454Z\", \"assignerOrgId\": \"271b6943-45a9-4f3a-ab4e-976f3fa05b5a\", \"datePublished\": \"2025-04-08T16:43:41.103Z\", \"assignerShortName\": \"elastic\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

ghsa-ghfh-p92w-j4mg

Vulnerability from github

Published

2025-04-08 18:34

Modified

2025-05-27 17:48

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function

Details

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash.

A successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.elasticsearch:elasticsearch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.17.0"
            },
            {
              "fixed": "8.15.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-52980"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-04-09T13:02:50Z",
    "nvd_published_at": "2025-04-08T17:15:34Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash.\n\nA successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them.",
  "id": "GHSA-ghfh-p92w-j4mg",
  "modified": "2025-05-27T17:48:19Z",
  "published": "2025-04-08T18:34:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52980"
    },
    {
      "type": "WEB",
      "url": "https://github.com/elastic/elasticsearch/commit/4e5c6801f4d60f100f122072f6bf35b21fd722a5"
    },
    {
      "type": "WEB",
      "url": "https://github.com/elastic/elasticsearch/commit/a02dc7165c75f12701f8d47a2bdefe5283735267"
    },
    {
      "type": "WEB",
      "url": "https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/elastic/elasticsearch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function"
}

fkie_cve-2024-52980

Vulnerability from fkie_nvd

Published

2025-04-08 17:15

Modified

2025-04-08 18:13

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

▶	URL	Tags
	bressers@elastic.co	https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash.\n\nA successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them."
    },
    {
      "lang": "es",
      "value": "Se descubri\u00f3 una falla en Elasticsearch. Una recursi\u00f3n extensa con la funci\u00f3n innerForbidCircularReferences de la clase PatternBank pod\u00eda provocar el bloqueo del nodo Elasticsearch. Para que el ataque tenga \u00e9xito, se requiere que un usuario malintencionado tenga asignado el privilegio read_pipeline del cl\u00faster de Elasticsearch."
    }
  ],
  "id": "CVE-2024-52980",
  "lastModified": "2025-04-08T18:13:53.347",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "bressers@elastic.co",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-04-08T17:15:34.880",
  "references": [
    {
      "source": "bressers@elastic.co",
      "url": "https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919"
    }
  ],
  "sourceIdentifier": "bressers@elastic.co",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "bressers@elastic.co",
      "type": "Secondary"
    }
  ]
}

wid-sec-w-2025-0742

Vulnerability from csaf_certbund

Published

2025-04-08 22:00

Modified

2025-04-08 22:00

Summary

Elasticsearch: Mehrere Schwachstellen ermöglichen Denial of Service

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Elasticsearch ist eine Open Source, verteilte Echtzeit-Suche und Analyse-Engine.

Angriff

Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Elasticsearch ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux - Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Elasticsearch ist eine Open Source, verteilte Echtzeit-Suche und Analyse-Engine.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Elasticsearch ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0742 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0742.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0742 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0742"
      },
      {
        "category": "external",
        "summary": "Elasticsearch Security Update ESA-2024-34 vom 2025-04-08",
        "url": "https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919"
      },
      {
        "category": "external",
        "summary": "Elasticsearch Security Update ESA-2024-37 vom 2025-04-08",
        "url": "https://discuss.elastic.co/t/elasticsearch-7-17-24-and-8-15-1-security-update-esa-2024-37/376924"
      }
    ],
    "source_lang": "en-US",
    "title": "Elasticsearch: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
    "tracking": {
      "current_release_date": "2025-04-08T22:00:00.000+00:00",
      "generator": {
        "date": "2025-04-09T08:20:15.536+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2025-0742",
      "initial_release_date": "2025-04-08T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-04-08T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c8.15.1",
                "product": {
                  "name": "Open Source Elasticsearch \u003c8.15.1",
                  "product_id": "T042563"
                }
              },
              {
                "category": "product_version",
                "name": "8.15.1",
                "product": {
                  "name": "Open Source Elasticsearch 8.15.1",
                  "product_id": "T042563-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:elasticsearch:elasticsearch:8.15.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.17.24",
                "product": {
                  "name": "Open Source Elasticsearch \u003c7.17.24",
                  "product_id": "T042566"
                }
              },
              {
                "category": "product_version",
                "name": "7.17.24",
                "product": {
                  "name": "Open Source Elasticsearch 7.17.24",
                  "product_id": "T042566-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:elasticsearch:elasticsearch:7.17.24"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Elasticsearch"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-52980",
      "product_status": {
        "known_affected": [
          "T042563",
          "T042566"
        ]
      },
      "release_date": "2025-04-08T22:00:00.000+00:00",
      "title": "CVE-2024-52980"
    },
    {
      "cve": "CVE-2024-52981",
      "product_status": {
        "known_affected": [
          "T042563",
          "T042566"
        ]
      },
      "release_date": "2025-04-08T22:00:00.000+00:00",
      "title": "CVE-2024-52981"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-52980 (GCVE-0-2024-52980)

Vulnerability from cvelistv5

ghsa-ghfh-p92w-j4mg

Vulnerability from github

fkie_cve-2024-52980

Vulnerability from fkie_nvd

wid-sec-w-2025-0742

Vulnerability from csaf_certbund

Tags

Sightings

Nomenclature