Computer Security
[EN] securityvulns.ru no-pyccku


Elasticsearch restrictions bypass
Published:22.02.2015
Source:
SecurityVulns ID:14277
Type:library
Threat Level:
5/10
Description:Sandbox restrictions bypass.
Affected:ELASTIC : elasticsearch 1.3
 ELASTIC : elasticsearch 1.4
CVE:CVE-2015-1427 (The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.)
Original documentdocumentELASTIC, Elasticsearch vulnerability CVE-2015-1427 (22.02.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod