{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T00:17:04.642","vulnerabilities":[{"cve":{"id":"CVE-2022-23712","sourceIdentifier":"security@elastic.co","published":"2022-06-06T18:15:09.300","lastModified":"2024-11-21T06:49:09.573","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request."},{"lang":"es","value":"Se ha detectado un fallo de Denegación de Servicio en Elasticsearch. Usando esta vulnerabilidad, un atacante no autenticado podría cerrar por la fuerza un nodo de Elasticsearch con una petición de red con un formato específico"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security@elastic.co","type":"Secondary","description":[{"lang":"en","value":"CWE-754"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.2.1","matchCriteriaId":"D68D665A-3685-4A99-A86D-22655151A6B8"}]}]}],"references":[{"url":"https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530","source":"security@elastic.co","tags":["Release Notes","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20220707-0010/","source":"security@elastic.co","tags":["Third Party Advisory"]},{"url":"https://www.elastic.co/community/security/","source":"security@elastic.co","tags":["Vendor Advisory"]},{"url":"https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20220707-0010/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.elastic.co/community/security/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}