Elasticsearch Groovy Scripting Engine Unauthenticated Remote Code Execution CVE-2015-1427
- Severity
- Vulnerability description
- Not available
- Risk description
- Not available
- Recommendation
- Not available
- References
- https://www.cisa.gov/known-exploited-vulnerabilities-cataloghttp://www.securityfocus.com/bid/72585https://www.elastic.co/blog/elasticsearch-1-4-3-and-1-3-8-releasedhttps://blog.trendmicro.com/trendlabs-security-intelligence/multistage-attack-delivers-billgates-setag-backdoor-can-turn-elasticsearch-databases-into-ddos-botnet-zombies/
- Codename
- Not available
- Detectable with
- Network Scanner
- Scan engine
- OpenVAS
- Exploitable with Sniper
- No
- CVE Published
- Not available
- Detection added at
- Software Type
- Not available
- Vendor
- Not available
- Product
- Not available
Detect this vulnerability now!
Check your clients' targets (or your own) for this vulnerability and thousands more! Get proof for validation with our ethical hacking toolkit.