First published: Thu Feb 12 2015(Updated: )
The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/Elasticsearch | <1.3.8 | 1.3.8 |
redhat/Elasticsearch | <1.4.3 | 1.4.3 |
Elastic Elasticsearch | ||
Elastic Elasticsearch | <=1.3.7 | |
Elastic Elasticsearch | =1.4.0 | |
Elastic Elasticsearch | =1.4.0-beta1 | |
Elastic Elasticsearch | =1.4.1 | |
Elastic Elasticsearch | =1.4.2 | |
Elastic Elasticsearch | <1.3.8 | |
Elastic Elasticsearch | >=1.4.0<1.4.3 | |
Red Hat Fuse | =1.0.0 | |
<1.3.8 | ||
>=1.4.0<1.4.3 | ||
=1.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-1427 has been classified with a high severity rating due to its potential for remote code execution.
To fix CVE-2015-1427, upgrade your Elasticsearch version to 1.3.8 or 1.4.3 or later.
CVE-2015-1427 affects Elasticsearch versions prior to 1.3.8 and those in the 1.4.x series prior to 1.4.3.
Yes, CVE-2015-1427 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.
There are no effective workarounds for CVE-2015-1427, so upgrading to a safe version is the only recommended solution.