CVE-2022-41917

CVE-2022-41917 is a medium-severity vulnerability in Amazon Opensearch with a CVSS 3.x base score of 4.3. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-755.

Key facts

Description

OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue.

Frequently asked questions

What is CVE-2022-41917?
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue.
How severe is CVE-2022-41917?
CVE-2022-41917 has a CVSS 3.x base score of 4.3, rated medium severity. It is exploitable over network with low attack complexity, requires low privileges and no user interaction. Impact on confidentiality is low, integrity none, and availability none.
Is CVE-2022-41917 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (41st percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2022-41917?
CVE-2022-41917 affects Amazon Opensearch. See the affected-products list for the exact vulnerable versions.
How do I fix CVE-2022-41917?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2022-41917 published?
CVE-2022-41917 was published on 2022-11-16 and last updated on 2026-06-17.

References

Affected products (1)

More vulnerabilities in Amazon Opensearch

All CVEs affecting Amazon Opensearch →

Other CWE-755 (Improper Handling of Exceptional Conditions) vulnerabilities

Browse all CWE-755 (Improper Handling of Exceptional Conditions) vulnerabilities →