Vulnerabilities > Elastic > Elasticsearch > 1.4.2

DATE CVE VULNERABILITY TITLE RISK
2018-03-06 CVE-2015-5377 Injection vulnerability in Elastic Elasticsearch
Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol.
network
low complexity
elastic CWE-74
critical
 9.8
9.8