vulnerability

Elastic Elasticsearch: CVE-2023-46673: Improper Handling of Exceptional Conditions

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:N/I:N/A:C)	Nov 22, 2023	May 13, 2025	Nov 18, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:N/A:C)

Published

Nov 22, 2023

Added

May 13, 2025

Modified

Nov 18, 2025

Description

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.

Solution

elastic-elasticsearch-upgrade-latest

References

CWE-755
CVE-2023-46673
https://attackerkb.com/topics/CVE-2023-46673
URL-https://discuss.elastic.co/t/elasticsearch-7-17-14-8-10-3-security-update-esa-2023-24/347708
URL-https://www.elastic.co/community/security

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today