PT-2024-35448 · Opencast +1

Adilagha Aliyev

·

Published

2024-11-20

·

Updated

2025-10-28

·

CVE-2024-52797

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Opencast versions prior to 13.10; Opencast versions prior to 14.3
Description: Opencast's Elasticsearch integration may generate syntactically invalid Elasticsearch queries. Because the query is rejected for a permanent reason, the retry mechanism immediately re-sends the same invalid query, producing an infinite loop. Each failed attempt is logged, so the log grows massively and can exhaust the disk, resulting in a denial of service. The issue can be triggered easily by normal administrative work on an affected Opencast system.
Recommendations: For Opencast versions prior to 13.10, upgrade to version 13.10 or later to address the base issue. For Opencast versions prior to 14.3, upgrade to version 14.3 or later to address the base issue. If you are running a version newer than 13.10 or 14.3 and see different results when searching in the admin UI compared to the External API or an LMS, upgrade to version 16.7 to harmonize the search behavior. As a temporary workaround, consider restricting access to the endpoints protected by ROLE_ADMIN or ROLE_API_SERIES_VIEW to minimize the risk of exploitation. No other workarounds are available for this issue.
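The root cause described above is a retry loop that cannot tell a permanent error from a transient one. As an added example (not Opencast or Elasticsearch code), the wrapper below treats Elasticsearch's HTTP 400 `parsing_exception` as permanent and fails once, while 5xx/429 errors get a bounded, backed-off retry; the fake client, `SearchError` and all function names are constructed for this example.

```python
import time

class SearchError(Exception):
    """Constructed stand-in for an Elasticsearch error response."""
    def __init__(self, status, err_type):
        super().__init__(f"{status} {err_type}")
        self.status, self.err_type = status, err_type

# Responses a retry can never fix: the same request will fail the same way.
PERMANENT_STATUS = {400, 401, 403, 404}
PERMANENT_TYPES = {"parsing_exception", "query_shard_exception",
                   "illegal_argument_exception"}

def is_retryable(err):
    """Only transient conditions (server-side overload, connectivity) are retried."""
    if err.status in PERMANENT_STATUS or err.err_type in PERMANENT_TYPES:
        return False
    return err.status >= 500 or err.status == 429 or err.err_type == "connection_error"

def retry_search(search, query, max_attempts=5, base_delay=0.5, sleep=time.sleep, log=None):
    """Run search(query), retrying transient failures with capped exponential backoff.
    Returns (result, attempts); re-raises the last error once it gives up."""
    log = log if log is not None else []
    for attempt in range(1, max_attempts + 1):
        try:
            return search(query), attempt
        except SearchError as e:
            if not is_retryable(e) or attempt == max_attempts:
                log.append(f"search failed permanently after {attempt} attempt(s): {e}")
                raise
            # One log line per attempt, with a delay: never a tight loop of identical lines.
            log.append(f"transient search error, attempt {attempt}: {e}")
            sleep(min(base_delay * 2 ** (attempt - 1), 30.0))

def make_fake_search(failures_before_success=0):
    """Constructed fake client: unbalanced parentheses always yield a 400
    parsing_exception; otherwise fail with 503 N times, then return one hit."""
    state = {"calls": 0}
    def search(query):
        state["calls"] += 1
        if query.count("(") != query.count(")"):
            raise SearchError(400, "parsing_exception")
        if state["calls"] <= failures_before_success:
            raise SearchError(503, "unavailable_shards_exception")
        return {"hits": {"total": 1}}
    return search
```

With the default `base_delay`, five consecutive transient failures cost a few seconds of waiting and five log lines rather than an unbounded flood; the invalid query is logged exactly once.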

Exploit

Fix

DoS

Allocation of Resources Without Limits


Weakness Enumeration

Related Identifiers

CVE-2024-52797
GHSA-JH6X-7XFG-9CQ2

Affected Products

Elasticsearch
Opencast