CVE-2024-52980

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919	Patch Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*

History

30 Sep 2025, 21:35

Type	Values Removed	Values Added
Summary		(es) Se descubrió una falla en Elasticsearch. Una recursión extensa con la función innerForbidCircularReferences de la clase PatternBank podía provocar el bloqueo del nodo Elasticsearch. Para que el ataque tenga éxito, se requiere que un usuario malintencionado tenga asignado el privilegio read_pipeline del clúster de Elasticsearch.
CPE		cpe:2.3:a:elastic:elasticsearch::::::::
References	~~() https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919 -~~	() https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919 - Patch, Issue Tracking, Vendor Advisory
First Time		Elastic elasticsearch Elastic

08 Apr 2025, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-08 17:15

Updated : 2025-09-30 21:35

NVD link : CVE-2024-52980

Mitre link : CVE-2024-52980

CVE.ORG link : CVE-2024-52980

JSON object : View

Products Affected

elastic

elasticsearch

CWE

CWE-400

Uncontrolled Resource Consumption

6.5 /10