CVE-2015-1427
KEV
🔴 Łataj teraz
Obejście mechanizmu ochrony w Elasticsearch umożliwia zdalne wykonanie dowolnych poleceń.
CVSS
9.8
EPSS
92.3%
Exploit
weaponized
Vendor
elastic
Opis źródłowy (NVD)
The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.
exploit
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 9.8 |
| CISA KEV (aktywnie wykorzystywane) | Tak |
| FIRST EPSS (prawdopodobieństwo exploita) | 92.3% |
| Opublikowano (NVD) | 2015-02-17 15:59:04 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-22 13:58:19 UTC |
Referencje
- http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html (cve@mitre.org) [Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html (cve@mitre.org) [Exploit, Third Party Advisory, VDB Entry]
- http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/ (cve@mitre.org) [Patch, Vendor Advisory]
- http://www.securityfocus.com/archive/1/534689/100/0/threaded (cve@mitre.org) [Broken Link, Third Party Advisory, VDB Entry]
- http://www.securityfocus.com/bid/72585 (cve@mitre.org) [Broken Link, Third Party Advisory, VDB Entry]
- https://access.redhat.com/errata/RHSA-2017:0868 (cve@mitre.org) [Third Party Advisory]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100850 (cve@mitre.org) [Third Party Advisory, VDB Entry]
- https://www.elastic.co/community/security/ (cve@mitre.org) [Not Applicable, Vendor Advisory]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1427 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [US Government Resource]