Assistance with Querying CVEs in Elasticsearch

Hello everyone,

I hope this message finds you well. I am fairly new to Elasticsearch and I am encountering some difficulties with querying.

On a computer with MariaDB 10.11.1 installed, the CPE ID is as follows:
cpe:2.3:a:mariadb:mariadb:10.11.1:::::::*
How can I query the CVE database using this given CPE ID? I want to find out that MariaDB 10.11.1 has CVE-2022-47015.

Despite trying various query methods such as wildcard, term, and match queries, I haven't been able to achieve the correct results.

Could anyone please advise on how to properly query the right CVE using a CPE ID?

Thank you in advance for your help!

In the "nvd_cves" index, there are numerous CVE documents, each identified by a CVE number as the "id."
In the configuration section of these documents, the affected software and hardware are listed using their corresponding CPE IDs.

**CVE-2022-47015 doc**
{
  "took": 1,
  "timed_out": false,
  "_shards": {
    "total": 1,
    "successful": 1,
    "skipped": 0,
    "failed": 0
  },
  "hits": {
    "total": {
      "value": 1,
      "relation": "eq"
    },
    "max_score": 1,
    "hits": [
      {
        "_index": "nvd_cves",
        "_id": "CVE-2022-47015",
        "_score": 1,
        "_source": {
          "cve": {
            "id": "CVE-2022-47015",
            "sourceIdentifier": "cve@mitre.org",
            "published": "2023-01-20T19:15:17.443",
            "lastModified": "2024-06-06T19:45:52.907",
            "vulnStatus": "Analyzed",
            "cveTags": [],
            "descriptions": [
              {
                "lang": "en",
                "value": "MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer."
              },
              {
                "lang": "es",
                "value": "MariaDB Server anterior a 10.3.34 hasta 10.9.3 es vulnerable a la denegación de servicio. Es posible que la función spider_db_mbase::print_warnings elimine la referencia a un puntero null."
              }
            ],
            "metrics": {
              "cvssMetricV31": [
                {
                  "source": "nvd@nist.gov",
                  "type": "Primary",
                  "cvssData": {
                    "version": "3.1",
                    "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                    "attackVector": "NETWORK",
                    "attackComplexity": "LOW",
                    "privilegesRequired": "LOW",
                    "userInteraction": "NONE",
                    "scope": "UNCHANGED",
                    "confidentialityImpact": "NONE",
                    "integrityImpact": "NONE",
                    "availabilityImpact": "HIGH",
                    "baseScore": 6.5,
                    "baseSeverity": "MEDIUM"
                  },
                  "exploitabilityScore": 2.8,
                  "impactScore": 3.6
                }
              ]
            },
            "weaknesses": [
              {
                "source": "nvd@nist.gov",
                "type": "Primary",
                "description": [
                  {
                    "lang": "en",
                    "value": "CWE-476"
                  }
                ]
              }
            ],
            "configurations": [
              {
                "nodes": [
                  {
                    "operator": "OR",
                    "negate": false,
                    "cpeMatch": [
                      {
                        "vulnerable": true,
                        "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
                        "versionStartIncluding": "10.3.0",
                        "versionEndExcluding": "10.3.39",
                        "matchCriteriaId": "73B9E2B1-8409-466F-BB25-E170B8575FE0"
                      },
                      {
                        "vulnerable": true,
                        "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
                        "versionStartIncluding": "10.4.0",
                        "versionEndExcluding": "10.4.29",
                        "matchCriteriaId": "74BDE25F-E554-4044-92A9-9754344BD1E6"
                      },
                      {
                        "vulnerable": true,
                        "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
                        "versionStartIncluding": "10.5.0",
                        "versionEndExcluding": "10.5.20",
                        "matchCriteriaId": "241EBBC7-DA8C-4AAF-9FA1-CEA109CBC302"
                      },
                      {
                        "vulnerable": true,
                        "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
                        "versionStartIncluding": "10.6.0",
                        "versionEndExcluding": "10.6.13",
                        "matchCriteriaId": "C8DA6B06-28C2-4FD2-B17A-2082105E62B9"
                      },
                      {
                        "vulnerable": true,
                        "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
                        "versionStartIncluding": "10.8.0",
                        "versionEndExcluding": "10.8.8",
                        "matchCriteriaId": "0452672D-238A-427F-8B97-DE1A422112AD"
                      },
                      {
                        "vulnerable": true,
                        "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
                        "versionStartIncluding": "10.9.0",
                        "versionEndExcluding": "10.9.6",
                        "matchCriteriaId": "06CF2204-324A-48FE-B4C3-D8CE3F9D1B9D"
                      },
                      {
                        "vulnerable": true,
                        "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
                        "versionStartIncluding": "10.10.0",
                        "versionEndExcluding": "10.10.4",
                        "matchCriteriaId": "658EEEF9-02F9-44A8-98C7-AE886697268D"
                      },
                      {
                        "vulnerable": true,
                        "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
                        "versionStartIncluding": "10.11.0",
                        "versionEndExcluding": "10.11.3",
                        "matchCriteriaId": "786AA9E0-3E06-42AD-A963-A5C0DA90F9C2"
                      }
                    ]
                  }
                ]
              }
            ],
            "references": [OMIT URL]
          }
        }
      }
    ]
  }
} 

Both wildcard and term found nothing

GET /nvd_cves/_search
{
  "query": {
    "wildcard": {
      "configurations.nodes.cpeMatch.criteria": {
        "value": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"
      }
    }
  }
}

GET /nvd_cves/_search
{
  "query": {
    "bool": {
      "must": [
        {
          "term": {
            "configurations.nodes.cpeMatch.criteria.keyword": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*"
          }
        }
      ]
    }
  }
}

Best regards,
YK

index mapping, I didnt customize mapping while saving docs into index.
{
  "nvd_cves": {
    "mappings": {
      "properties": {
        "cisaActionDue": {
          "type": "date"
        },
        "cisaExploitAdd": {
          "type": "date"
        },
        "cisaRequiredAction": {
          "type": "text",
          "fields": {
            "keyword": {
              "type": "keyword",
              "ignore_above": 256
            }
          }
        },
        "cisaVulnerabilityName": {
          "type": "text",
          "fields": {
            "keyword": {
              "type": "keyword",
              "ignore_above": 256
            }
          }
        },
        "configurations": {
          "properties": {
            "nodes": {
              "properties": {
                "cpeMatch": {
                  "properties": {
                    "criteria": {
                      "type": "text",
                      "fields": {
                        "keyword": {
                          "type": "keyword",
                          "ignore_above": 256
                        }
                      }
                    },
                    "matchCriteriaId": {
                      "type": "text",
                      "fields": {
                        "keyword": {
                          "type": "keyword",
                          "ignore_above": 256
                        }
                      }
                    },
                    "versionEndExcluding": {
                      "type": "text",
                      "fields": {
                        "keyword": {
                          "type": "keyword",
                          "ignore_above": 256
                        }
                      }
                    },
                    "versionEndIncluding": {
                      "type": "text",
                      "fields": {
                        "keyword": {
                          "type": "keyword",
                          "ignore_above": 256
                        }
                      }
                    },
                    "versionStartExcluding": {
                      "type": "text",
                      "fields": {
                        "keyword": {
                          "type": "keyword",
                          "ignore_above": 256
                        }
                      }
                    },
                    "versionStartIncluding": {
                      "type": "text",
                      "fields": {
                        "keyword": {
                          "type": "keyword",
                          "ignore_above": 256
                        }
                      }
                    },
                    "vulnerable": {
                      "type": "boolean"
                    }
                  }
                },
                "negate": {
                  "type": "boolean"
                },
                "operator": {
                  "type": "text",
                  "fields": {
                    "keyword": {
                      "type": "keyword",
                      "ignore_above": 256
                    }
                  }
                }
              }
            },
            "operator": {
              "type": "text",
              "fields": {
                "keyword": {
                  "type": "keyword",
                  "ignore_above": 256
                }
              }
            }
          }
        },
        "cve": {
          "properties": {
            "cisaActionDue": {
              "type": "date"
            },
            "cisaExploitAdd": {
              "type": "date"
            },
            "cisaRequiredAction": {
              "type": "text",
              "fields": {
                "keyword": {
                  "type": "keyword",
                  "ignore_above": 256
                }
              }
            },
            "cisaVulnerabilityName": {
              "type": "text",
              "fields": {
                "keyword": {
                  "type": "keyword",
                  "ignore_above": 256
                }
              }
            },
            "configurations": {
              "properties": {
                "nodes": {
                  "properties": {
                    "cpeMatch": {
                      "properties": {
                        "criteria": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "matchCriteriaId": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "versionEndExcluding": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "versionEndIncluding": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "versionStartExcluding": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "versionStartIncluding": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "vulnerable": {
                          "type": "boolean"
                        }
                      }
                    },
                    "negate": {
                      "type": "boolean"
                    },
                    "operator": {
                      "type": "text",
                      "fields": {
                        "keyword": {
                          "type": "keyword",
                          "ignore_above": 256
                        }
                      }
                    }
                  }
                },
                "operator": {
                  "type": "text",
                  "fields": {
                    "keyword": {
                      "type": "keyword",
                      "ignore_above": 256
                    }
                  }
                }
              }
            },
            "cveTags": {
              "properties": {
                "sourceIdentifier": {
                  "type": "text",
                  "fields": {
                    "keyword": {
                      "type": "keyword",
                      "ignore_above": 256
                    }
                  }
                },
                "tags": {
                  "type": "text",
                  "fields": {
                    "keyword": {
                      "type": "keyword",
                      "ignore_above": 256
                    }
                  }
                }
              }
            },
            "descriptions": {
              "properties": {
                "lang": {
                  "type": "text",
                  "fields": {
                    "keyword": {
                      "type": "keyword",
                      "ignore_above": 256
                    }
                  }
                },
                "value": {
                  "type": "text",
                  "fields": {
                    "keyword": {
                      "type": "keyword",
                      "ignore_above": 256
                    }
                  }
                }
              }
            },
            "evaluatorComment": {
              "type": "text",
              "fields": {
                "keyword": {
                  "type": "keyword",
                  "ignore_above": 256
                }
              }
            },
            "evaluatorImpact": {
              "type": "text",
              "fields": {
                "keyword": {
                  "type": "keyword",
                  "ignore_above": 256
                }
              }
            },
            "evaluatorSolution": {
              "type": "text",
              "fields": {
                "keyword": {
                  "type": "keyword",
                  "ignore_above": 256
                }
              }
            },
            "id": {
              "type": "text",
              "fields": {
                "keyword": {
                  "type": "keyword",
                  "ignore_above": 256
                }
              }
            },
            "lastModified": {
              "type": "date"
            },
            "metrics": {
              "properties": {
                "cvssMetricV2": {
                  "properties": {
                    "acInsufInfo": {
                      "type": "boolean"
                    },
                    "baseSeverity": {
                      "type": "text",
                      "fields": {
                        "keyword": {
                          "type": "keyword",
                          "ignore_above": 256
                        }
                      }
                    },
                    "cvssData": {
                      "properties": {
                        "accessComplexity": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "accessVector": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "authentication": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "availabilityImpact": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "baseScore": {
                          "type": "float"
                        },
                        "confidentialityImpact": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "integrityImpact": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "vectorString": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "version": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        }
                      }
                    },
                    "exploitabilityScore": {
                      "type": "float"
                    },
                    "impactScore": {
                      "type": "float"
                    },
                    "obtainAllPrivilege": {
                      "type": "boolean"
                    },
                    "obtainOtherPrivilege": {
                      "type": "boolean"
                    },
                    "obtainUserPrivilege": {
                      "type": "boolean"
                    },
                    "source": {
                      "type": "text",
                      "fields": {
                        "keyword": {
                          "type": "keyword",
                          "ignore_above": 256
                        }
                      }
                    },
                    "type": {
                      "type": "text",
                      "fields": {
                        "keyword": {
                          "type": "keyword",
                          "ignore_above": 256
                        }
                      }
                    },
                    "userInteractionRequired": {
                      "type": "boolean"
                    }
                  }
                },
                "cvssMetricV30": {
                  "properties": {
                    "cvssData": {
                      "properties": {
                        "attackComplexity": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "attackVector": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "availabilityImpact": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "baseScore": {
                          "type": "float"
                        },
                        "baseSeverity": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "confidentialityImpact": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        },
                        "integrityImpact": {
                          "type": "text",
                          "fields": {
                            "keyword": {
                              "type": "keyword",
                              "ignore_above": 256
                            }
                          }
                        }
                    -----OMIT----
              }
            }
          }
        }
      }
    }
  }
}


From Elastic Search to Elasticsearch