What is the severity of CVE-2024-23449?

The severity of CVE-2024-23449 is considered critical due to the potential for crashing the Elasticsearch service.

How do I fix CVE-2024-23449?

To fix CVE-2024-23449, you should upgrade your Elasticsearch instance to version 8.11.1 or later.

What software versions are affected by CVE-2024-23449?

CVE-2024-23449 affects Elasticsearch versions 8.4.0 through 8.11.0.

What happens if I attempt to process an encrypted PDF with CVE-2024-23449?

Attempting to process an encrypted PDF will cause the Elasticsearch ingest node to crash.

Are password-protected PDFs affected by CVE-2024-23449?

No, password-protected PDFs are not affected by CVE-2024-23449.

Vulnerability/
CVE-2024-23449

medium

5.3

CWE

248

29/3/2024

4/2/2025

CVE-2024-23449: Elasticsearch Uncaught Exception

First published: Fri Mar 29 2024(Updated: )

An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypted PDF files.

Credit: bressers@elastic.co bressers@elastic.co

Affected Software	Affected Version	How to fix
maven/org.elasticsearch:elasticsearch	>=8.4.0<8.11.1	8.11.1
Elastic Elasticsearch	>=8.4.0<8.11.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-23449?
The severity of CVE-2024-23449 is considered critical due to the potential for crashing the Elasticsearch service.
How do I fix CVE-2024-23449?
To fix CVE-2024-23449, you should upgrade your Elasticsearch instance to version 8.11.1 or later.
What software versions are affected by CVE-2024-23449?
CVE-2024-23449 affects Elasticsearch versions 8.4.0 through 8.11.0.
What happens if I attempt to process an encrypted PDF with CVE-2024-23449?
Attempting to process an encrypted PDF will cause the Elasticsearch ingest node to crash.
Are password-protected PDFs affected by CVE-2024-23449?
No, password-protected PDFs are not affected by CVE-2024-23449.

agent/title
agent/weakness
agent/first-publish-date
agent/type
agent/description
collector/github-advisory-latest
source/GitHub
alias/GHSA-pw39-f3m5-cxfc
alias/CVE-2024-23449
agent/software-canonical-lookup
agent/references
agent/softwarecombine
collector/nvd-cve
source/NVD
agent/severity
agent/event
agent/author
collector/github-advisory
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
agent/source
agent/tags
collector/nvd-api
package-manager/maven
vendor/elastic
canonical/elastic elasticsearch
version/elastic elasticsearch/8.4.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2024-23449?
The severity of CVE-2024-23449 is considered critical due to the potential for crashing the Elasticsearch service.
How do I fix CVE-2024-23449?
To fix CVE-2024-23449, you should upgrade your Elasticsearch instance to version 8.11.1 or later.
What software versions are affected by CVE-2024-23449?
CVE-2024-23449 affects Elasticsearch versions 8.4.0 through 8.11.0.
What happens if I attempt to process an encrypted PDF with CVE-2024-23449?
Attempting to process an encrypted PDF will cause the Elasticsearch ingest node to crash.
Are password-protected PDFs affected by CVE-2024-23449?
No, password-protected PDFs are not affected by CVE-2024-23449.