ElasticSearch 1.4.0/1.4.2 RCE Vulnerability CVE-2015-1427 Scanner

Details
Stay Up To Date
Asset Type

domain,ip,url

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

ElasticSearch 1.4.0/1.4.2 RCE Vulnerability CVE-2015-1427 Scanner Detail

ElasticSearch v1.4.0/1.4.2 allows remote code excecution vulnerability.

The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.

Some Advice for Common Problems

You need to update your app.

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service