CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2015-1427

CVSS 9.8v3.1pub. 2015-02-17upd. 2026-04-22

The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Elastic Elasticsearch

    APP
    Elastic
    < 1.3.81.4.0 – 1.4.3 (bez)
  • Red Hat Fuse

    APP
    Redhat
    1.0.0

CISA KEV — detailsi

Vendori
Elastic
Producti
Elasticsearch
Added to KEVi
March 25, 2022
Remediation deadline (US Federal)i
April 15, 2022(overdue)
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 15 kwietnia 2022
CWE
References

Related vulnerabilities

CVE-2016-4437CRITICAL9.8⚠ KEVten sam produkt

Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows rem...

CVE-2025-12543CRITICAL9.6PL ✓ten sam produkt

Brak walidacji nagłówka Host w serwerze Undertow HTTP

CVE-2018-1270CRITICAL9.8ten sam produkt

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions,...

CVE-2015-5377CRITICAL9.8ten sam produkt

Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving...

CVE-2017-5645CRITICAL9.8ten sam produkt

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized ...