Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1427

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2015-1427
Last Modified 25 Jun 2015 11:16:18
Published 17 Feb 2015 10:59:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-1427

Summary

The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.

Vulnerable Systems

Application

  • Elasticsearch 1.3.7

  • Elasticsearch 1.4.0

  • Elasticsearch 1.4.1

  • Elasticsearch 1.4.2


References

XF - elasticsearch-cve20151427-command-exec(100850)

BID - 72585

BUGTRAQ - 20150211 Elasticsearch vulnerability CVE-2015-1427

CONFIRM - http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/

MISC - http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html

MISC - http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html

CONFIRM - https://www.elastic.co/community/security/


Last Updated: 27 May 2016 11:07:52