Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Elasticsearch Allocation of Resources Without Limits or Throttling
Vulnerability Description
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation (CAPEC-130) of memory and a denial of service (DoS) via crafted HTTP request.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Elasticsearch 安全漏洞
Vulnerability Description
Elasticsearch是荷兰Elastic公司的一个搜索分析引擎。 Elasticsearch存在安全漏洞,该漏洞源于资源分配无限制,可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A