CVSS 3.1 Score 7.5 of 10 (high)


Published Oct 26, 2023
Updated: Nov 30, 2023
CWE ID 400


CVE-2023-31418 is a vulnerability that affects Elasticsearch, an open-source search and analytics engine. The vulnerability allows an unauthenticated user to cause an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue has been identified by Elastic Engineering and there is no evidence of it being exploited in the wild. To remediate this vulnerability, organizations using affected versions of Elasticsearch should upgrade to the latest version, which includes a fix for this issue. This vulnerability poses a high danger to organizations as it could lead to denial of service attacks and disruption of critical services.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-31418 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options