Description
The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.
It was discovered that the default configuration of Elasticsearch enabled dynamic scripting, allowing a remote attacker to execute arbitrary MVEL expressions and Java code via the source parameter passed to _search.
Statement
On Subscription Asset Manager (SAM) 1, the elasticsearch service is only bound to the loopback interface by default. To exploit this issue on a SAM 1 system, an attacker must have local access to the system. On Red Hat JBoss Fuse and Red Hat JBoss A-MQ, the elasticsearch service is only started if the insight-elasticsearch feature is installed. This feature is not installed by default.
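The two conditions the description and the statement above turn on, dynamic scripting left at its pre-1.2 default and the service being reachable beyond the loopback interface, can be checked from the node's configuration file. The following POSIX shell audit is an added example, not part of this advisory and not vendor tooling: it reads an elasticsearch.yml and reports whether `script.disable_dynamic` is explicitly `true` (the setting Elasticsearch 1.2 made the default) and whether `network.bind_host` / `network.host` is a loopback address, as the statement describes for SAM 1. It assumes a flat `key: value` elasticsearch.yml (nested YAML maps are not parsed); the helper names (`es_setting`, `es_audit`, and so on) are this example's own.

```shell
#!/bin/sh
# Added example, not taken from the advisory: audit an elasticsearch.yml for the
# settings relevant to CVE-2014-3120 on Elasticsearch releases before 1.2.
#   script.disable_dynamic: true      disables dynamic (MVEL) scripting; before 1.2
#                                     the default was false, i.e. scripting enabled
#   network.bind_host / network.host  a loopback value limits exposure to local
#                                     users, as the vendor statement notes for SAM 1
# Assumption: settings are written as flat "key: value" lines (nested YAML maps are
# not parsed). Helper names are this example's own.

es_setting() {
  # Print the value of the top-level "$1: value" line in file "$2" (last occurrence
  # wins; inline "# comments" and surrounding whitespace are stripped); empty if absent.
  key_re=$(printf '%s' "$1" | sed 's/\./\\./g')
  sed -n "s/^[[:space:]]*${key_re}[[:space:]]*:[[:space:]]*\([^#]*\).*/\1/p" "$2" \
    | tail -n 1 | sed 's/[[:space:]]*$//'
}

es_dynamic_scripting_disabled() {
  # Succeeds only when script.disable_dynamic is explicitly "true"; an absent key
  # means the pre-1.2 default (dynamic scripting enabled) applies.
  [ "$(es_setting script.disable_dynamic "$1")" = "true" ]
}

es_bound_to_loopback() {
  # Succeeds when the effective bind address is a loopback address
  # (network.bind_host takes precedence over network.host; _local_ is the
  # Elasticsearch alias for the loopback address).
  host=$(es_setting network.bind_host "$1")
  [ -n "$host" ] || host=$(es_setting network.host "$1")
  case "$host" in
    127.0.0.1|localhost|::1|_local_) return 0 ;;
    *) return 1 ;;
  esac
}

es_audit() {
  # Print both findings; exit status 0 only if dynamic scripting is disabled.
  cfg="$1"
  status=0
  if es_dynamic_scripting_disabled "$cfg"; then
    echo "OK   script.disable_dynamic is true"
  else
    echo "FAIL dynamic scripting enabled (set script.disable_dynamic: true or upgrade to 1.2+)"
    status=1
  fi
  if es_bound_to_loopback "$cfg"; then
    echo "INFO bound to loopback only: exploitation requires local access"
  else
    echo "WARN not bound to loopback: the _search endpoint is reachable from the network"
  fi
  return $status
}

# Usage: sh es_audit.sh /etc/elasticsearch/elasticsearch.yml
if [ -n "${1:-}" ]; then
  es_audit "$1"
fi
```

A loopback binding lowers exposure but does not remove the issue, which is why the audit's exit status follows only the scripting setting; the fix is `script.disable_dynamic: true` or an upgrade to a release that ships that default.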
Affected packages
| Platform | Package | State | Advisory | Release date |
|---|---|---|---|---|
| Red Hat JBoss Enterprise Web Server 1 | amq-6 | Affected | | |
| Red Hat JBoss Enterprise Web Server 1 | fuse-6 | Affected | | |
| Red Hat JBoss Enterprise Web Server 1 | fuse-amq-7 | Affected | | |
| Red Hat JBoss Enterprise Web Server 1 | fuse-esb-7 | Affected | | |
| Red Hat Satellite 6 | elasticsearch | Not affected | | |
| Fuse ESB Enterprise 7.1.0 | | Fixed | RHSA-2014:1171 | 2014-09-10 |
| Fuse Management Console 7.1.0 | | Fixed | RHSA-2014:1171 | 2014-09-10 |
| Fuse MQ Enterprise 7.1.0 | | Fixed | RHSA-2014:1171 | 2014-09-10 |
| Red Hat JBoss A-MQ 6.1 | | Fixed | RHSA-2014:1170 | 2014-09-10 |
| Red Hat JBoss Fuse 6.1 | | Fixed | RHSA-2014:1170 | 2014-09-10 |
Additional information
CVSS2: 6.8 (Medium)
Related vulnerabilities
- Elasticsearch Improper Access Control vulnerability (CVSS2: 6.8, Medium): The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.