PT-2022-3398 · Elastic · Elasticsearch

Published: 2022-06-06 · Updated: 2024-03-06 · CVE-2022-23712

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Elasticsearch versions 8.0.0 through 8.2.0

Description

A Denial of Service flaw was discovered in Elasticsearch, related to insufficient exception handling. This issue can be exploited by an unauthenticated attacker to shut down an Elasticsearch node using a specifically formatted network request.

Recommendations

For versions 8.0.0 through 8.2.0, update to version 8.2.1 or later, which contains a patch for this issue. As a temporary workaround, consider restricting access to the Elasticsearch node to minimize the risk of exploitation.

Fix

DoS

Improper Check for Exceptional Conditions

Weakness Enumeration

Related Identifiers

BDU:2022-04170
BIT-ELASTICSEARCH-2022-23712
CVE-2022-23712
GHSA-WH6W-69XC-5RQ5

Affected Products

Elasticsearch