Vulnerability Search

Test ID: 1.3.6.1.4.1.25623.1.0.105233
Category: Web application abuses
Title: Elasticsearch Groovy Scripting Engine Unauthenticated Remote Code Execution
Summary: Elasticsearch is prone to an unauthenticated remote code execution (RCE).
Description:
Summary:
Elasticsearch is prone to an unauthenticated remote code execution (RCE).

Vulnerability Insight:
The Groovy scripting engine in Elasticsearch allows remote attackers to bypass
the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.

This vulnerability was known to be used by the Setag/BillGates malware in 2019.

Vulnerability Impact:
An attacker can exploit this issue to bypass certain security
restrictions and execute code in the context of this application.

Affected Software/OS:
Elasticsearch before 1.3.8 and 1.4.x before 1.4.3.

Solution:
Update to 1.3.8/1.4.3 or later. Please see the references for more information.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2015-1427
BugTraq ID: 72585
http://www.securityfocus.com/bid/72585
Bugtraq: 20150211 Elasticsearch vulnerability CVE-2015-1427 (Google Search)
http://www.securityfocus.com/archive/1/534689/100/0/threaded
http://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html
http://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html
RedHat Security Advisories: RHSA-2017:0868
https://access.redhat.com/errata/RHSA-2017:0868
XForce ISS Database: elasticsearch-cve20151427-command-exec(100850)
https://exchange.xforce.ibmcloud.com/vulnerabilities/100850
Copyright: Copyright (C) 2015 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.