Security Advisory

CVE-2024-52980

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-08 16:43:41

Last updated 2025-04-08 19:59:43

Assigner elastic

State PUBLISHED

Description

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them.

← Browse all CVEs View on cve.org ↗