Security News > 2015 > December > Elasticsearch servers actively targeted by botmasters (Help Net Security)

Elasticsearch servers actively targeted by botmasters (Help Net Security)

2015-12-03 13:00

Elasticsearch is one of the most popular choices when it comes to enterprise search engines. Unfortunately, a couple of remote code execution flaws (CVE-2015-5377, CVE-2015-1427) discovered and pub...

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/XL4cAy4Ya_4/secworld.php

#security #server #CVE-2015-5377 #CVE-2015-1427

Related news

Critical Exim bug bypasses security filters on 1.5 million mail servers (source)
GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges (source)

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-06	CVE-2015-5377	Injection vulnerability in Elastic Elasticsearch Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. network low complexity elastic CWE-74 critical	9.8
2015-02-17	CVE-2015-1427	The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script. network low complexity elastic redhat critical	9.8

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Elasticsearch		8	0	14	1	0	15

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.