Of course. The overall elastic view of the vulnerability can be found in this blog post. I do not run elasticsearch, but I would start here. There is a ton of detail about versions and configuration variations. If an upgrade is viable then I would certainly recommend it.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.