语言:
https://www.elastic.co/community/security
https://www.elastic.co/blog/elasticsearch-1-2-0-released
https://www.elastic.co/blog/logstash-1-4-3-released
https://bouk.co/blog/elasticsearch-rce/
http://www.nessus.org/u?27fc4ce3
严重性: Medium
ID: 84411
文件名: freebsd_pkg_43ac9d421b9a11e5b43d002590263bf5.nasl
版本: 2.9
类型: local
发布时间: 2015/6/26
最近更新时间: 2022/3/28
支持的传感器: Nessus
风险因素: Critical
分数: 9.7
风险因素: Medium
基本分数: 6.8
时间分数: 5.3
矢量: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE: p-cpe:/a:freebsd:freebsd:elasticsearch, p-cpe:/a:freebsd:freebsd:logstash, cpe:/o:freebsd:freebsd
必需的 KB 项: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info
可利用: true
易利用性: Exploits are available
补丁发布日期: 2015/6/26
漏洞发布日期: 2014/5/22
CISA 已知可遭利用的漏洞到期日期: 2022/4/15
Metasploit (ElasticSearch Dynamic Script Arbitrary Java Execution)
CVE: CVE-2014-3120
BID: 67731