返回 CVE 浏览器

CVE-2014-3120

Known Exploited (CISA KEV)HIGH

8.1

CVSS Severity Score

EPSS Score81.1470%

EPSS Percentile96.58th

Published2014年7月28日

Last Modified2026年4月22日

Vulnerability Description

The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.

Affected Platforms (CPE)

📦

Elastic

Elasticsearch

< 1.2.0

References & Advisories

🔗 http://bouk.co/blog/elasticsearch-rce/

🔗 http://www.exploit-db.com/exploits/33370

🔗 http://www.osvdb.org/106949

🔗 http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce

🔗 http://www.securityfocus.com/bid/67731

🔗 https://www.elastic.co/blog/logstash-1-4-3-released

🔗 https://www.elastic.co/community/security/

🔗 https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch

相关漏洞威胁

CVE-2015-53779.8

Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport proto...

CVE-2017-126299.8

Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of ...

CVE-2015-14279.8

The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox pro...

CVE-2020-150979.1

loklak is an open-source server application which is able to collect messages from various sources, including twitter. The server ...