CVE-2015-1427

Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability

Beschreibung

The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.

Schweregrad: CRITICAL

CVSS-Score: 9.8

Hersteller: Elastic

Produkt: Elasticsearch