CVE-2015-1427
unknown
KEV
CVSS v3
—
CVSS v2
—
VIR risk
1.5
Description
The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.
CISA KEV
- Vendor
- Elastic
- Product
- Elasticsearch
- Due date
- 2022-04-15
Predictions
Exploit likelihood
99%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cisa-kev — https://nvd.nist.gov/vuln/detail/CVE-2015-1427
Exploits
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Maven | org.elasticsearch:elasticsearch | <1.3.8 | 1.3.8 |
| Maven | org.elasticsearch:elasticsearch | >=1.4.0,<1.4.3 | 1.4.3 |
References
- https://nvd.nist.gov/vuln/detail/CVE-2015-1427
- https://access.redhat.com/errata/RHSA-2017:0868
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100850
- https://www.elastic.co/community/security
- http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html
- http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html
- http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released
Verify integrity in audit chain (admin only). AS-IS.