CVE-2015-1427 - Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability
Project:Elastic
Product:Elasticsearch
Date Added:2022-03-25Due Date:2022-04-15
Vulnerability Name
Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability
Description
The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2015-1427
Related News Articles
251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and ElasticsearchMay 28, 2025