Lucene search

K

[email protected]NVD:CVE-2014-3120

HistoryJul 28, 2014 - 7:55 p.m.

CVE-2014-3120

2014-07-2819:55:04

CWE-284

[email protected]

web.nvd.nist.gov

1

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.532 Medium

EPSS

Percentile

97.6%

The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor’s intended security policy if the user does not run Elasticsearch in its own independent virtual machine.

Affected configurations

NVD

Node

elasticsearchelasticsearchRange≤1.1.1

References

bouk.co/blog/elasticsearch-rce/

www.exploit-db.com/exploits/33370

www.osvdb.org/106949

www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce

www.securityfocus.com/bid/67731

www.elastic.co/blog/logstash-1-4-3-released

www.elastic.co/community/security/

www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.532 Medium

EPSS

Percentile

97.6%

Related for NVD:CVE-2014-3120

exploitpack1 cve1 cisa_kev1 freebsd1 nessus3 checkpoint_advisories1 prion1 openvas1 redhat3 nuclei2 attackerkb1 zdt2 veracode2 cvelist1 packetstorm2 exploitdb1 myhack581 threatpost2 talosblog1