Main Vulnerability Database Exploits ID:3759 - Exploit for Improper access control in Elasticsearch - CVE-2015-1427

ID:3759 - Exploit for Improper access control in Elasticsearch - CVE-2015-1427

Published: August 9, 2020

Vulnerability identifier: #VU40890

Vulnerability risk: Medium

CVE-ID: CVE-2015-1427

CWE-ID: CWE-284

Exploitation vector: Remote access

Vulnerable software:
Elasticsearch

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/multi/elasticsearch/search_groovy_script

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.

Remediation

Install update from vendor's website.

ID:3759 - Exploit for Improper access control in Elasticsearch - CVE-2015-1427

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human