← Voltar para CVEs
CVE-2014-3120
HIGHCISA KEV8.1
Descricao
The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.
Detalhes CVE
Pontuacao CVSS v3.18.1
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado7/28/2014
Ultima modificacao4/22/2026
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorElastic
ProdutoElasticsearch
Nome da vulnerabilidadeElasticsearch Remote Code Execution Vulnerability
Data inclusao KEV2022-03-25
Prazo de remediacao2022-04-15
Uso em ransomwareUnknown
Produtos afetados
elastic:elasticsearch
Fraquezas (CWE)
CWE-284CWE-284
Referencias
http://bouk.co/blog/elasticsearch-rce/(cve@mitre.org)
http://www.exploit-db.com/exploits/33370(cve@mitre.org)
http://www.osvdb.org/106949(cve@mitre.org)
http://www.securityfocus.com/bid/67731(cve@mitre.org)
https://www.elastic.co/blog/logstash-1-4-3-released(cve@mitre.org)
https://www.elastic.co/community/security/(cve@mitre.org)
https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch(cve@mitre.org)
http://bouk.co/blog/elasticsearch-rce/(af854a3a-2127-422b-91ae-364da2661108)
http://www.exploit-db.com/exploits/33370(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/106949(af854a3a-2127-422b-91ae-364da2661108)
http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/67731(af854a3a-2127-422b-91ae-364da2661108)
https://www.elastic.co/blog/logstash-1-4-3-released(af854a3a-2127-422b-91ae-364da2661108)
https://www.elastic.co/community/security/(af854a3a-2127-422b-91ae-364da2661108)
https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-3120(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.