9.8

CVE-2015-1427

Warning
Exploit

The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.

Data is provided by the National Vulnerability Database (NVD)
ElasticElasticsearch Version < 1.3.8
ElasticElasticsearch Version >= 1.4.0 < 1.4.3
RedhatFuse Version1.0.0

25.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability

Vulnerability

The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.

Description

Apply updates per vendor instructions.

Required actions
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 92.88% 0.998
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
https://www.elastic.co/community/security/
Vendor Advisory
Not Applicable
http://www.securityfocus.com/archive/1/534689/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://www.securityfocus.com/bid/72585
Third Party Advisory
Broken Link
VDB Entry