Elasticsearch Groovy Scripting Engine Sandbox Security Bypass Vulnerability

Bugtraq ID: 72585
Class: Design Error
CVE: CVE-2015-1427
Remote: Yes
Local: No
Published: Feb 11 2015 12:00AM
Updated: Apr 18 2017 01:04AM
Credit: Cameron Morris and Cisco Systems Information Security Team
Vulnerable: Redhat JBoss Fuse 6.2
Elasticsearch Elasticsearch 1.4.2
Elasticsearch Elasticsearch 1.4
Elasticsearch Elasticsearch 1.3.7
Elasticsearch Elasticsearch 1.3
Not Vulnerable: Redhat JBoss Fuse 6.3
Elasticsearch Elasticsearch 1.4.3
Elasticsearch Elasticsearch 1.3.8


 

Privacy Statement
Copyright 2010, SecurityFocus