← Retour aux CVEs
CVE-2014-3120
HIGHCISA KEV8.1
Description
The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.
Details CVE
Score CVSS v3.18.1
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie7/28/2014
Derniere modification4/22/2026
Sourcekev
Observations honeypot0
CISA KEV
FournisseurElastic
ProduitElasticsearch
Nom vulnerabiliteElasticsearch Remote Code Execution Vulnerability
Date ajout KEV2022-03-25
Date limite remediation2022-04-15
Utilise dans ransomwareUnknown
Produits affectes
elastic:elasticsearch
Faiblesses (CWE)
CWE-284CWE-284
References
http://bouk.co/blog/elasticsearch-rce/(cve@mitre.org)
http://www.exploit-db.com/exploits/33370(cve@mitre.org)
http://www.osvdb.org/106949(cve@mitre.org)
http://www.securityfocus.com/bid/67731(cve@mitre.org)
https://www.elastic.co/blog/logstash-1-4-3-released(cve@mitre.org)
https://www.elastic.co/community/security/(cve@mitre.org)
https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch(cve@mitre.org)
http://bouk.co/blog/elasticsearch-rce/(af854a3a-2127-422b-91ae-364da2661108)
http://www.exploit-db.com/exploits/33370(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/106949(af854a3a-2127-422b-91ae-364da2661108)
http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/67731(af854a3a-2127-422b-91ae-364da2661108)
https://www.elastic.co/blog/logstash-1-4-3-released(af854a3a-2127-422b-91ae-364da2661108)
https://www.elastic.co/community/security/(af854a3a-2127-422b-91ae-364da2661108)
https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-3120(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.