CVE-2022-41917: Incorrect Error Handling Allowed Partial File Reads Over REST API in OpenSearch

Published Nov 15, 2022
·
Updated

OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue.

Other sources

OpenSearch Project OpenSearch could allow a remote authenticated attacker to obtain sensitive information, caused by an incorrect error handling in the REST API. By sending a specially-crafted request, an attacker could exploit this vulnerability to read partial file information, and use this information to launch further attacks against the affected system.

IBM

Affected Software

4 affected components
IBM Cognos Dashboards on Cloud Pak for Data<=5.0.0
IBM Cognos Dashboards on Cloud Pak for Data<=4.8.0
Amazon OpenSearch Notifications>=1.0.0<1.3.7
Amazon OpenSearch Notifications>=2.0.0<2.4.0

Remediation

Patch Available

https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0

Event History

Nov 15, 2022
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
DescriptionSeverityWeakness

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is CVE-2022-41917?

CVE-2022-41917 is a vulnerability in OpenSearch that allows certain specially crafted queries to return a response.

2

What is the severity of CVE-2022-41917?

CVE-2022-41917 has a severity rating of medium with a CVSS score of 4.3.

3

How does CVE-2022-41917 affect OpenSearch?

CVE-2022-41917 affects OpenSearch versions 1.0.0 to 1.3.7 and 2.0.0 to 2.4.0.

4

How can I fix CVE-2022-41917?

To fix CVE-2022-41917, it is recommended to upgrade to a version of OpenSearch that includes the fix.

5

Where can I find more information about CVE-2022-41917?

More information about CVE-2022-41917 can be found in the OpenSearch GitHub repository and the OpenSearch security advisories.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203