9.8

CVE-2015-1427

Warnung
Exploit
The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ElasticElasticsearch Version < 1.3.8
ElasticElasticsearch Version >= 1.4.0 < 1.4.3
RedhatFuse Version1.0.0

25.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability

Schwachstelle

The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 99.91% 1
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://access.redhat.com/errata/RHSA-2017:0868
Third Party Advisory
https://www.elastic.co/community/security/
Vendor Advisory
Not Applicable
http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html
Third Party Advisory
Exploit
VDB Entry
http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/534689/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://www.securityfocus.com/bid/72585
Third Party Advisory
Broken Link
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/100850
Third Party Advisory
VDB Entry
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1427
US Government Resource