cvelistv5 - cve-2014-3120

CVE-2014-3120 (GCVE-0-2014-3120)

Vulnerability from cvelistv5 – Published: 2014-07-28 19:00 – Updated: 2025-10-22 00:05

CISA

Summary

The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.

Severity ?

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE

Assigner

mitre

References

URL

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2022-03-25

Due date: 2022-04-15

Required action: Apply updates per vendor instructions.

Used in ransomware: Unknown

Notes: https://nvd.nist.gov/vuln/detail/CVE-2014-3120

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:35:56.466Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.elastic.co/blog/logstash-1-4-3-released"
          },
          {
            "name": "33370",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/33370"
          },
          {
            "name": "67731",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/67731"
          },
          {
            "name": "106949",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/106949"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bouk.co/blog/elasticsearch-rce/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.elastic.co/community/security/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 8.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2014-3120",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T20:14:11.275052Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-03-25",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-3120"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-284",
                "description": "CWE-284 Improper Access Control",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-22T00:05:37.084Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-3120"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-03-25T00:00:00+00:00",
            "value": "CVE-2014-3120 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search.  NOTE: this only violates the vendor\u0027s intended security policy if the user does not run Elasticsearch in its own independent virtual machine."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-06-15T14:57:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.elastic.co/blog/logstash-1-4-3-released"
        },
        {
          "name": "33370",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/33370"
        },
        {
          "name": "67731",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/67731"
        },
        {
          "name": "106949",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/106949"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bouk.co/blog/elasticsearch-rce/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.elastic.co/community/security/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-3120",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search.  NOTE: this only violates the vendor\u0027s intended security policy if the user does not run Elasticsearch in its own independent virtual machine."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.elastic.co/blog/logstash-1-4-3-released",
              "refsource": "CONFIRM",
              "url": "https://www.elastic.co/blog/logstash-1-4-3-released"
            },
            {
              "name": "33370",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/33370"
            },
            {
              "name": "67731",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/67731"
            },
            {
              "name": "106949",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/106949"
            },
            {
              "name": "http://bouk.co/blog/elasticsearch-rce/",
              "refsource": "MISC",
              "url": "http://bouk.co/blog/elasticsearch-rce/"
            },
            {
              "name": "http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce",
              "refsource": "MISC",
              "url": "http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce"
            },
            {
              "name": "https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch",
              "refsource": "MISC",
              "url": "https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch"
            },
            {
              "name": "https://www.elastic.co/community/security/",
              "refsource": "CONFIRM",
              "url": "https://www.elastic.co/community/security/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-3120",
    "datePublished": "2014-07-28T19:00:00.000Z",
    "dateReserved": "2014-04-29T00:00:00.000Z",
    "dateUpdated": "2025-10-22T00:05:37.084Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2014-3120",
      "cwes": "[\"CWE-284\"]",
      "dateAdded": "2022-03-25",
      "dueDate": "2022-04-15",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120",
      "product": "Elasticsearch",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.",
      "vendorProject": "Elastic",
      "vulnerabilityName": "Elasticsearch Remote Code Execution Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-04-15",
      "cisaExploitAdd": "2022-03-25",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Elasticsearch Remote Code Execution Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.1.1\", \"matchCriteriaId\": \"B31061F1-66B7-4F12-93CE-685F82BCB17B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search.  NOTE: this only violates the vendor\u0027s intended security policy if the user does not run Elasticsearch in its own independent virtual machine.\"}, {\"lang\": \"es\", \"value\": \"La configuraci\\u00f3n por defecto en Elasticsearch anterior a 1.2 habilita secuencias de comandos din\\u00e1micos, lo que permite a atacantes remotos ejecutar expresiones MVEL arbitrarias y c\\u00f3digo Java a trav\\u00e9s del par\\u00e1metro source en _search. NOTA: esto solamente viola la pol\\u00edtica de seguridad del proveedor si el usuario no hace funcionar Elasticsearch en su propia maquina virtual independiente.\"}]",
      "id": "CVE-2014-3120",
      "lastModified": "2025-01-06T19:36:35.477",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2014-07-28T19:55:04.490",
      "references": "[{\"url\": \"http://bouk.co/blog/elasticsearch-rce/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.exploit-db.com/exploits/33370\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.osvdb.org/106949\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/67731\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://www.elastic.co/blog/logstash-1-4-3-released\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.elastic.co/community/security/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://bouk.co/blog/elasticsearch-rce/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.exploit-db.com/exploits/33370\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.osvdb.org/106949\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/67731\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://www.elastic.co/blog/logstash-1-4-3-released\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.elastic.co/community/security/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-284\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-3120\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-07-28T19:55:04.490\",\"lastModified\":\"2025-10-22T01:15:56.260\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search.  NOTE: this only violates the vendor\u0027s intended security policy if the user does not run Elasticsearch in its own independent virtual machine.\"},{\"lang\":\"es\",\"value\":\"La configuraci\u00f3n por defecto en Elasticsearch anterior a 1.2 habilita secuencias de comandos din\u00e1micos, lo que permite a atacantes remotos ejecutar expresiones MVEL arbitrarias y c\u00f3digo Java a trav\u00e9s del par\u00e1metro source en _search. NOTA: esto solamente viola la pol\u00edtica de seguridad del proveedor si el usuario no hace funcionar Elasticsearch en su propia maquina virtual independiente.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-03-25\",\"cisaActionDue\":\"2022-04-15\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Elasticsearch Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.2\",\"matchCriteriaId\":\"985437E6-A916-4359-8EB6-45C35ABA0742\"}]}]}],\"references\":[{\"url\":\"http://bouk.co/blog/elasticsearch-rce/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.exploit-db.com/exploits/33370\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.osvdb.org/106949\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/67731\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.elastic.co/blog/logstash-1-4-3-released\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.elastic.co/community/security/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://bouk.co/blog/elasticsearch-rce/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.exploit-db.com/exploits/33370\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.osvdb.org/106949\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/67731\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.elastic.co/blog/logstash-1-4-3-released\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.elastic.co/community/security/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-3120\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.elastic.co/blog/logstash-1-4-3-released\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.exploit-db.com/exploits/33370\", \"name\": \"33370\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/67731\", \"name\": \"67731\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.osvdb.org/106949\", \"name\": \"106949\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\", \"x_transferred\"]}, {\"url\": \"http://bouk.co/blog/elasticsearch-rce/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.elastic.co/community/security/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T10:35:56.466Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2014-3120\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-10T20:14:11.275052Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-03-25\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2014-3120\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-284\", \"description\": \"CWE-284 Improper Access Control\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-10T20:14:00.825Z\"}, \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-03-25T00:00:00+00:00\", \"value\": \"CVE-2014-3120 added to CISA KEV\"}]}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2014-05-15T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.elastic.co/blog/logstash-1-4-3-released\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.exploit-db.com/exploits/33370\", \"name\": \"33370\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://www.securityfocus.com/bid/67731\", \"name\": \"67731\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.osvdb.org/106949\", \"name\": \"106949\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\"]}, {\"url\": \"http://bouk.co/blog/elasticsearch-rce/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.elastic.co/community/security/\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search.  NOTE: this only violates the vendor\u0027s intended security policy if the user does not run Elasticsearch in its own independent virtual machine.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2015-06-15T14:57:00.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.elastic.co/blog/logstash-1-4-3-released\", \"name\": \"https://www.elastic.co/blog/logstash-1-4-3-released\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.exploit-db.com/exploits/33370\", \"name\": \"33370\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://www.securityfocus.com/bid/67731\", \"name\": \"67731\", \"refsource\": \"BID\"}, {\"url\": \"http://www.osvdb.org/106949\", \"name\": \"106949\", \"refsource\": \"OSVDB\"}, {\"url\": \"http://bouk.co/blog/elasticsearch-rce/\", \"name\": \"http://bouk.co/blog/elasticsearch-rce/\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce\", \"name\": \"http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch\", \"name\": \"https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.elastic.co/community/security/\", \"name\": \"https://www.elastic.co/community/security/\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search.  NOTE: this only violates the vendor\u0027s intended security policy if the user does not run Elasticsearch in its own independent virtual machine.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2014-3120\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2014-3120\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-28T19:46:51.982Z\", \"dateReserved\": \"2014-04-29T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2014-07-28T19:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

RHSA-2014:1171

Vulnerability from csaf_redhat - Published: 2014-09-10 05:43 - Updated: 2025-11-21 17:49

Summary

Red Hat Security Advisory: Fuse ESB Enterprise/Fuse MQ Enterprise 7.1.0 update

Notes

Topic

This advisory contains instructions on how to resolve one security issue in the Elasticsearch component in Fuse ESB Enterprise and Fuse MQ Enterprise 7.1.0. Red Hat Product Security has rated this security issue as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

Details

Fuse ESB Enterprise is an integration platform based on Apache ServiceMix. Fuse MQ Enterprise, based on Apache ActiveMQ, is a standards-compliant messaging system that is tailored for use in mission critical applications. Fuse ESB Enterprise and Fuse MQ Enterprise include the insight plug-in, which provides insight into a Fuse Fabric using Elasticsearch to query data for logs, metrics or historic Camel messages. This plug-in is not enabled by default, and is provided as a technology preview. If it is enabled by installing the feature, for example: JBossFuse:karaf@root> features:install insight-elasticsearch Then an Elasticsearch server will be started. It was discovered that the default configuration of Elasticsearch enabled dynamic scripting, allowing a remote attacker to execute arbitrary MVEL expressions and Java code via the source parameter passed to _search. (CVE-2014-3120) All users of Fuse ESB Enterprise and Fuse MQ Enterprise 7.1.0 as provided from the Red Hat Customer Portal who have enabled Elasticsearch are advised to follow the instructions provided in the Solution section of this advisory.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "This advisory contains instructions on how to resolve one security issue\nin the Elasticsearch component in Fuse ESB Enterprise and Fuse MQ\nEnterprise 7.1.0.\n\nRed Hat Product Security has rated this security issue as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Fuse ESB Enterprise is an integration platform based on Apache ServiceMix.\nFuse MQ Enterprise, based on Apache ActiveMQ, is a standards-compliant\nmessaging system that is tailored for use in mission critical applications.\n\nFuse ESB Enterprise and Fuse MQ Enterprise include the insight plug-in,\nwhich provides insight into a Fuse Fabric using Elasticsearch to query data\nfor logs, metrics or historic Camel messages. This plug-in is not enabled\nby default, and is provided as a technology preview. If it is enabled by\ninstalling the feature, for example:\n\nJBossFuse:karaf@root\u003e features:install insight-elasticsearch\n\nThen an Elasticsearch server will be started. It was discovered that the\ndefault configuration of Elasticsearch enabled dynamic scripting, allowing\na remote attacker to execute arbitrary MVEL expressions and Java code via\nthe source parameter passed to _search. (CVE-2014-3120)\n\nAll users of Fuse ESB Enterprise and Fuse MQ Enterprise 7.1.0 as provided\nfrom the Red Hat Customer Portal who have enabled Elasticsearch are advised\nto follow the instructions provided in the Solution section of this\nadvisory.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2014:1171",
        "url": "https://access.redhat.com/errata/RHSA-2014:1171"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/solutions/1191453",
        "url": "https://access.redhat.com/solutions/1191453"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/solutions/1189133",
        "url": "https://access.redhat.com/solutions/1189133"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/support/offerings/techpreview",
        "url": "https://access.redhat.com/support/offerings/techpreview"
      },
      {
        "category": "external",
        "summary": "1124252",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1124252"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1171.json"
      }
    ],
    "title": "Red Hat Security Advisory: Fuse ESB Enterprise/Fuse MQ Enterprise 7.1.0 update",
    "tracking": {
      "current_release_date": "2025-11-21T17:49:52+00:00",
      "generator": {
        "date": "2025-11-21T17:49:52+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2014:1171",
      "initial_release_date": "2014-09-10T05:43:30+00:00",
      "revision_history": [
        {
          "date": "2014-09-10T05:43:30+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2014-09-10T05:43:30+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:49:52+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Fuse ESB Enterprise 7.1.0",
                "product": {
                  "name": "Fuse ESB Enterprise 7.1.0",
                  "product_id": "Fuse ESB Enterprise 7.1.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:fuse_esb_enterprise:7.1.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Fuse Management Console 7.1.0",
                "product": {
                  "name": "Fuse Management Console 7.1.0",
                  "product_id": "Fuse Management Console 7.1.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:fuse_management_console:7.1.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Fuse MQ Enterprise 7.1.0",
                "product": {
                  "name": "Fuse MQ Enterprise 7.1.0",
                  "product_id": "Fuse MQ Enterprise 7.1.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:fuse_mq_enterprise:7.1.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Fuse Enterprise Middleware"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-3120",
      "cwe": {
        "id": "CWE-749",
        "name": "Exposed Dangerous Method or Function"
      },
      "discovery_date": "2014-07-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1124252"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that the default configuration of Elasticsearch enabled dynamic scripting, allowing a remote attacker to execute arbitrary MVEL expressions and Java code via the source parameter passed to _search.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "elasticsearch: remote code execution flaw via dynamic scripting",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "On Subscription Asset Manager (SAM) 1, the elasticsearch service is only bound to the loopback interface by default. To exploit this issue on a SAM 1 system, an attacker must have local access to the system. On Red Hat JBoss Fuse and Red Hat JBoss A-MQ, the elasticsearch service is only started if the insight-elasticsearch feature is installed. This feature is not installed by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Fuse ESB Enterprise 7.1.0",
          "Fuse MQ Enterprise 7.1.0",
          "Fuse Management Console 7.1.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "RHBZ#1124252",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1124252"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3120",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/1191453",
          "url": "https://access.redhat.com/solutions/1191453"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2013-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2014-09-10T05:43:30+00:00",
          "details": "To mitigate this issue, follow the instructions at\nhttps://access.redhat.com/solutions/1191453\n\nFor more information, refer to https://access.redhat.com/solutions/1189133",
          "product_ids": [
            "Fuse ESB Enterprise 7.1.0",
            "Fuse MQ Enterprise 7.1.0",
            "Fuse Management Console 7.1.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2014:1171"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "Fuse ESB Enterprise 7.1.0",
            "Fuse MQ Enterprise 7.1.0",
            "Fuse Management Console 7.1.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2022-03-25T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "elasticsearch: remote code execution flaw via dynamic scripting"
    }
  ]
}

RHSA-2014:1170

Vulnerability from csaf_redhat - Published: 2014-09-10 05:33 - Updated: 2025-11-21 17:49

Summary

Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.1.0 security update

Notes

Topic

This advisory contains instructions on how to resolve one security issue in the Elasticsearch component in Red Hat JBoss Fuse and A-MQ 6.1.0. Red Hat Product Security has rated this security issue as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

Details

Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards-compliant messaging system that is tailored for use in mission critical applications. Red Hat JBoss Fuse and A-MQ include the insight plug-in, which provides insight into a Fuse Fabric using Elasticsearch to query data for logs, metrics or historic Camel messages. This plug-in is not enabled by default, and is provided as a technology preview. If it is enabled by installing the feature, for example: JBossFuse:karaf@root> features:install insight-elasticsearch Then an Elasticsearch server will be started. It was discovered that the default configuration of Elasticsearch enabled dynamic scripting, allowing a remote attacker to execute arbitrary MVEL expressions and Java code via the source parameter passed to _search. (CVE-2014-3120) All users of Red Hat JBoss Fuse and A-MQ 6.1.0 as provided from the Red Hat Customer Portal who have enabled Elasticsearch are advised to follow the instructions provided in the Solution section of this advisory.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "This advisory contains instructions on how to resolve one security issue\nin the Elasticsearch component in Red Hat JBoss Fuse and A-MQ 6.1.0.\n\nRed Hat Product Security has rated this security issue as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint,\nflexible, open source enterprise service bus and integration platform. Red\nHat JBoss A-MQ, based on Apache ActiveMQ, is a standards-compliant\nmessaging system that is tailored for use in mission critical applications.\n\nRed Hat JBoss Fuse and A-MQ include the insight plug-in, which provides\ninsight into a Fuse Fabric using Elasticsearch to query data for logs,\nmetrics or historic Camel messages. This plug-in is not enabled by default,\nand is provided as a technology preview. If it is enabled by installing the\nfeature, for example:\n\nJBossFuse:karaf@root\u003e features:install insight-elasticsearch\n\nThen an Elasticsearch server will be started. It was discovered that the\ndefault configuration of Elasticsearch enabled dynamic scripting, allowing\na remote attacker to execute arbitrary MVEL expressions and Java code via\nthe source parameter passed to _search. (CVE-2014-3120)\n\nAll users of Red Hat JBoss Fuse and A-MQ 6.1.0 as provided from the Red Hat\nCustomer Portal who have enabled Elasticsearch are advised to follow the\ninstructions provided in the Solution section of this advisory.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2014:1170",
        "url": "https://access.redhat.com/errata/RHSA-2014:1170"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/solutions/1191453",
        "url": "https://access.redhat.com/solutions/1191453"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/solutions/1189133",
        "url": "https://access.redhat.com/solutions/1189133"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/support/offerings/techpreview",
        "url": "https://access.redhat.com/support/offerings/techpreview"
      },
      {
        "category": "external",
        "summary": "1124252",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1124252"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1170.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.1.0 security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:49:52+00:00",
      "generator": {
        "date": "2025-11-21T17:49:52+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2014:1170",
      "initial_release_date": "2014-09-10T05:33:20+00:00",
      "revision_history": [
        {
          "date": "2014-09-10T05:33:20+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2019-02-20T12:33:31+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:49:52+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss A-MQ 6.1",
                "product": {
                  "name": "Red Hat JBoss A-MQ 6.1",
                  "product_id": "Red Hat JBoss A-MQ 6.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_amq:6.1.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Fuse 6.1",
                "product": {
                  "name": "Red Hat JBoss Fuse 6.1",
                  "product_id": "Red Hat JBoss Fuse 6.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_fuse:6.1.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Fuse"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-3120",
      "cwe": {
        "id": "CWE-749",
        "name": "Exposed Dangerous Method or Function"
      },
      "discovery_date": "2014-07-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1124252"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that the default configuration of Elasticsearch enabled dynamic scripting, allowing a remote attacker to execute arbitrary MVEL expressions and Java code via the source parameter passed to _search.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "elasticsearch: remote code execution flaw via dynamic scripting",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "On Subscription Asset Manager (SAM) 1, the elasticsearch service is only bound to the loopback interface by default. To exploit this issue on a SAM 1 system, an attacker must have local access to the system. On Red Hat JBoss Fuse and Red Hat JBoss A-MQ, the elasticsearch service is only started if the insight-elasticsearch feature is installed. This feature is not installed by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.1",
          "Red Hat JBoss Fuse 6.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "RHBZ#1124252",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1124252"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3120",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/1191453",
          "url": "https://access.redhat.com/solutions/1191453"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2013-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2014-09-10T05:33:20+00:00",
          "details": "To mitigate this issue, follow the instructions at\nhttps://access.redhat.com/solutions/1191453\n\nFor more information, refer to https://access.redhat.com/solutions/1189133",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.1",
            "Red Hat JBoss Fuse 6.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2014:1170"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.1",
            "Red Hat JBoss Fuse 6.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2022-03-25T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "elasticsearch: remote code execution flaw via dynamic scripting"
    }
  ]
}

RHSA-2014_1170

Vulnerability from csaf_redhat - Published: 2014-09-10 05:33 - Updated: 2024-11-22 08:26

Summary

Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.1.0 security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "This advisory contains instructions on how to resolve one security issue\nin the Elasticsearch component in Red Hat JBoss Fuse and A-MQ 6.1.0.\n\nRed Hat Product Security has rated this security issue as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint,\nflexible, open source enterprise service bus and integration platform. Red\nHat JBoss A-MQ, based on Apache ActiveMQ, is a standards-compliant\nmessaging system that is tailored for use in mission critical applications.\n\nRed Hat JBoss Fuse and A-MQ include the insight plug-in, which provides\ninsight into a Fuse Fabric using Elasticsearch to query data for logs,\nmetrics or historic Camel messages. This plug-in is not enabled by default,\nand is provided as a technology preview. If it is enabled by installing the\nfeature, for example:\n\nJBossFuse:karaf@root\u003e features:install insight-elasticsearch\n\nThen an Elasticsearch server will be started. It was discovered that the\ndefault configuration of Elasticsearch enabled dynamic scripting, allowing\na remote attacker to execute arbitrary MVEL expressions and Java code via\nthe source parameter passed to _search. (CVE-2014-3120)\n\nAll users of Red Hat JBoss Fuse and A-MQ 6.1.0 as provided from the Red Hat\nCustomer Portal who have enabled Elasticsearch are advised to follow the\ninstructions provided in the Solution section of this advisory.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2014:1170",
        "url": "https://access.redhat.com/errata/RHSA-2014:1170"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/solutions/1191453",
        "url": "https://access.redhat.com/solutions/1191453"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/solutions/1189133",
        "url": "https://access.redhat.com/solutions/1189133"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/support/offerings/techpreview",
        "url": "https://access.redhat.com/support/offerings/techpreview"
      },
      {
        "category": "external",
        "summary": "1124252",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1124252"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1170.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.1.0 security update",
    "tracking": {
      "current_release_date": "2024-11-22T08:26:40+00:00",
      "generator": {
        "date": "2024-11-22T08:26:40+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2014:1170",
      "initial_release_date": "2014-09-10T05:33:20+00:00",
      "revision_history": [
        {
          "date": "2014-09-10T05:33:20+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2019-02-20T12:33:31+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T08:26:40+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss A-MQ 6.1",
                "product": {
                  "name": "Red Hat JBoss A-MQ 6.1",
                  "product_id": "Red Hat JBoss A-MQ 6.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_amq:6.1.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Fuse 6.1",
                "product": {
                  "name": "Red Hat JBoss Fuse 6.1",
                  "product_id": "Red Hat JBoss Fuse 6.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_fuse:6.1.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Fuse"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-3120",
      "cwe": {
        "id": "CWE-749",
        "name": "Exposed Dangerous Method or Function"
      },
      "discovery_date": "2014-07-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1124252"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that the default configuration of Elasticsearch enabled dynamic scripting, allowing a remote attacker to execute arbitrary MVEL expressions and Java code via the source parameter passed to _search.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "elasticsearch: remote code execution flaw via dynamic scripting",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "On Subscription Asset Manager (SAM) 1, the elasticsearch service is only bound to the loopback interface by default. To exploit this issue on a SAM 1 system, an attacker must have local access to the system. On Red Hat JBoss Fuse and Red Hat JBoss A-MQ, the elasticsearch service is only started if the insight-elasticsearch feature is installed. This feature is not installed by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.1",
          "Red Hat JBoss Fuse 6.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "RHBZ#1124252",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1124252"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3120",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/1191453",
          "url": "https://access.redhat.com/solutions/1191453"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2013-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2014-09-10T05:33:20+00:00",
          "details": "To mitigate this issue, follow the instructions at\nhttps://access.redhat.com/solutions/1191453\n\nFor more information, refer to https://access.redhat.com/solutions/1189133",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.1",
            "Red Hat JBoss Fuse 6.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2014:1170"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.1",
            "Red Hat JBoss Fuse 6.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2022-03-25T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "elasticsearch: remote code execution flaw via dynamic scripting"
    }
  ]
}

RHSA-2014_1171

Vulnerability from csaf_redhat - Published: 2014-09-10 05:43 - Updated: 2024-11-22 08:26

Summary

Red Hat Security Advisory: Fuse ESB Enterprise/Fuse MQ Enterprise 7.1.0 update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "This advisory contains instructions on how to resolve one security issue\nin the Elasticsearch component in Fuse ESB Enterprise and Fuse MQ\nEnterprise 7.1.0.\n\nRed Hat Product Security has rated this security issue as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Fuse ESB Enterprise is an integration platform based on Apache ServiceMix.\nFuse MQ Enterprise, based on Apache ActiveMQ, is a standards-compliant\nmessaging system that is tailored for use in mission critical applications.\n\nFuse ESB Enterprise and Fuse MQ Enterprise include the insight plug-in,\nwhich provides insight into a Fuse Fabric using Elasticsearch to query data\nfor logs, metrics or historic Camel messages. This plug-in is not enabled\nby default, and is provided as a technology preview. If it is enabled by\ninstalling the feature, for example:\n\nJBossFuse:karaf@root\u003e features:install insight-elasticsearch\n\nThen an Elasticsearch server will be started. It was discovered that the\ndefault configuration of Elasticsearch enabled dynamic scripting, allowing\na remote attacker to execute arbitrary MVEL expressions and Java code via\nthe source parameter passed to _search. (CVE-2014-3120)\n\nAll users of Fuse ESB Enterprise and Fuse MQ Enterprise 7.1.0 as provided\nfrom the Red Hat Customer Portal who have enabled Elasticsearch are advised\nto follow the instructions provided in the Solution section of this\nadvisory.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2014:1171",
        "url": "https://access.redhat.com/errata/RHSA-2014:1171"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/solutions/1191453",
        "url": "https://access.redhat.com/solutions/1191453"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/solutions/1189133",
        "url": "https://access.redhat.com/solutions/1189133"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/support/offerings/techpreview",
        "url": "https://access.redhat.com/support/offerings/techpreview"
      },
      {
        "category": "external",
        "summary": "1124252",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1124252"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1171.json"
      }
    ],
    "title": "Red Hat Security Advisory: Fuse ESB Enterprise/Fuse MQ Enterprise 7.1.0 update",
    "tracking": {
      "current_release_date": "2024-11-22T08:26:44+00:00",
      "generator": {
        "date": "2024-11-22T08:26:44+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2014:1171",
      "initial_release_date": "2014-09-10T05:43:30+00:00",
      "revision_history": [
        {
          "date": "2014-09-10T05:43:30+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2014-09-10T05:43:30+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T08:26:44+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Fuse ESB Enterprise 7.1.0",
                "product": {
                  "name": "Fuse ESB Enterprise 7.1.0",
                  "product_id": "Fuse ESB Enterprise 7.1.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:fuse_esb_enterprise:7.1.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Fuse Management Console 7.1.0",
                "product": {
                  "name": "Fuse Management Console 7.1.0",
                  "product_id": "Fuse Management Console 7.1.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:fuse_management_console:7.1.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Fuse MQ Enterprise 7.1.0",
                "product": {
                  "name": "Fuse MQ Enterprise 7.1.0",
                  "product_id": "Fuse MQ Enterprise 7.1.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:fuse_mq_enterprise:7.1.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Fuse Enterprise Middleware"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-3120",
      "cwe": {
        "id": "CWE-749",
        "name": "Exposed Dangerous Method or Function"
      },
      "discovery_date": "2014-07-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1124252"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that the default configuration of Elasticsearch enabled dynamic scripting, allowing a remote attacker to execute arbitrary MVEL expressions and Java code via the source parameter passed to _search.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "elasticsearch: remote code execution flaw via dynamic scripting",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "On Subscription Asset Manager (SAM) 1, the elasticsearch service is only bound to the loopback interface by default. To exploit this issue on a SAM 1 system, an attacker must have local access to the system. On Red Hat JBoss Fuse and Red Hat JBoss A-MQ, the elasticsearch service is only started if the insight-elasticsearch feature is installed. This feature is not installed by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Fuse ESB Enterprise 7.1.0",
          "Fuse MQ Enterprise 7.1.0",
          "Fuse Management Console 7.1.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "RHBZ#1124252",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1124252"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3120",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/1191453",
          "url": "https://access.redhat.com/solutions/1191453"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2013-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2014-09-10T05:43:30+00:00",
          "details": "To mitigate this issue, follow the instructions at\nhttps://access.redhat.com/solutions/1191453\n\nFor more information, refer to https://access.redhat.com/solutions/1189133",
          "product_ids": [
            "Fuse ESB Enterprise 7.1.0",
            "Fuse MQ Enterprise 7.1.0",
            "Fuse Management Console 7.1.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2014:1171"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "Fuse ESB Enterprise 7.1.0",
            "Fuse MQ Enterprise 7.1.0",
            "Fuse Management Console 7.1.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2022-03-25T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "elasticsearch: remote code execution flaw via dynamic scripting"
    }
  ]
}

RHSA-2014:1186

Vulnerability from csaf_redhat - Published: 2014-09-11 21:18 - Updated: 2025-11-21 17:49

Summary

Red Hat Security Advisory: katello-configure security update

Notes

Topic

An updated katello-configure package that fixes one security issue is now available for Red Hat Subscription Asset Manager. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

Details

The katello-configure package provides the katello-configure script, which configures the Katello installation, and the katello-upgrade script, which handles upgrades between versions. It was discovered that the default configuration of Elasticsearch enabled dynamic scripting, allowing a remote attacker to execute arbitrary MVEL expressions and Java code via the source parameter passed to _search. (CVE-2014-3120) All Subscription Asset Manager users are advised to upgrade to this updated package. The update provides a script that modifies the elasticsearch.yml configuration file to disable dynamic scripting. After updating, run the "katello-configure" command. This will update the elasticsearch.yml configuration file and restart the elasticsearch service.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated katello-configure package that fixes one security issue is now\navailable for Red Hat Subscription Asset Manager.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The katello-configure package provides the katello-configure script, which\nconfigures the Katello installation, and the katello-upgrade script, which\nhandles upgrades between versions.\n\nIt was discovered that the default configuration of Elasticsearch enabled\ndynamic scripting, allowing a remote attacker to execute arbitrary MVEL\nexpressions and Java code via the source parameter passed to _search.\n(CVE-2014-3120)\n\nAll Subscription Asset Manager users are advised to upgrade to this updated\npackage. The update provides a script that modifies the elasticsearch.yml\nconfiguration file to disable dynamic scripting. After updating, run the\n\"katello-configure\" command. This will update the elasticsearch.yml\nconfiguration file and restart the elasticsearch service.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2014:1186",
        "url": "https://access.redhat.com/errata/RHSA-2014:1186"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1124252",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1124252"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1186.json"
      }
    ],
    "title": "Red Hat Security Advisory: katello-configure security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:49:54+00:00",
      "generator": {
        "date": "2025-11-21T17:49:54+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2014:1186",
      "initial_release_date": "2014-09-11T21:18:39+00:00",
      "revision_history": [
        {
          "date": "2014-09-11T21:18:39+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2014-09-11T21:18:39+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:49:54+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Subscription Asset Manager for RHEL 6 Server",
                "product": {
                  "name": "Red Hat Subscription Asset Manager for RHEL 6 Server",
                  "product_id": "6Server-SubscriptionAssetManager14",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:rhel_sam:1.4::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Subscription Asset Manager"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "katello-configure-0:1.4.5.1-3.el6sam.src",
                "product": {
                  "name": "katello-configure-0:1.4.5.1-3.el6sam.src",
                  "product_id": "katello-configure-0:1.4.5.1-3.el6sam.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/katello-configure@1.4.5.1-3.el6sam?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "katello-configure-0:1.4.5.1-3.el6sam.noarch",
                "product": {
                  "name": "katello-configure-0:1.4.5.1-3.el6sam.noarch",
                  "product_id": "katello-configure-0:1.4.5.1-3.el6sam.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/katello-configure@1.4.5.1-3.el6sam?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "katello-configure-0:1.4.5.1-3.el6sam.noarch as a component of Red Hat Subscription Asset Manager for RHEL 6 Server",
          "product_id": "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.noarch"
        },
        "product_reference": "katello-configure-0:1.4.5.1-3.el6sam.noarch",
        "relates_to_product_reference": "6Server-SubscriptionAssetManager14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "katello-configure-0:1.4.5.1-3.el6sam.src as a component of Red Hat Subscription Asset Manager for RHEL 6 Server",
          "product_id": "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.src"
        },
        "product_reference": "katello-configure-0:1.4.5.1-3.el6sam.src",
        "relates_to_product_reference": "6Server-SubscriptionAssetManager14"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-3120",
      "cwe": {
        "id": "CWE-749",
        "name": "Exposed Dangerous Method or Function"
      },
      "discovery_date": "2014-07-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1124252"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that the default configuration of Elasticsearch enabled dynamic scripting, allowing a remote attacker to execute arbitrary MVEL expressions and Java code via the source parameter passed to _search.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "elasticsearch: remote code execution flaw via dynamic scripting",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "On Subscription Asset Manager (SAM) 1, the elasticsearch service is only bound to the loopback interface by default. To exploit this issue on a SAM 1 system, an attacker must have local access to the system. On Red Hat JBoss Fuse and Red Hat JBoss A-MQ, the elasticsearch service is only started if the insight-elasticsearch feature is installed. This feature is not installed by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.noarch",
          "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "RHBZ#1124252",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1124252"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3120",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/1191453",
          "url": "https://access.redhat.com/solutions/1191453"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2013-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2014-09-11T21:18:39+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied. After updating, run the\n\"katello-configure\" command to apply the needed configuration changes.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.noarch",
            "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2014:1186"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.noarch",
            "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2022-03-25T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "elasticsearch: remote code execution flaw via dynamic scripting"
    }
  ]
}

RHSA-2014_1186

Vulnerability from csaf_redhat - Published: 2014-09-11 21:18 - Updated: 2024-11-22 08:26

Summary

Red Hat Security Advisory: katello-configure security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated katello-configure package that fixes one security issue is now\navailable for Red Hat Subscription Asset Manager.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The katello-configure package provides the katello-configure script, which\nconfigures the Katello installation, and the katello-upgrade script, which\nhandles upgrades between versions.\n\nIt was discovered that the default configuration of Elasticsearch enabled\ndynamic scripting, allowing a remote attacker to execute arbitrary MVEL\nexpressions and Java code via the source parameter passed to _search.\n(CVE-2014-3120)\n\nAll Subscription Asset Manager users are advised to upgrade to this updated\npackage. The update provides a script that modifies the elasticsearch.yml\nconfiguration file to disable dynamic scripting. After updating, run the\n\"katello-configure\" command. This will update the elasticsearch.yml\nconfiguration file and restart the elasticsearch service.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2014:1186",
        "url": "https://access.redhat.com/errata/RHSA-2014:1186"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1124252",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1124252"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1186.json"
      }
    ],
    "title": "Red Hat Security Advisory: katello-configure security update",
    "tracking": {
      "current_release_date": "2024-11-22T08:26:49+00:00",
      "generator": {
        "date": "2024-11-22T08:26:49+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2014:1186",
      "initial_release_date": "2014-09-11T21:18:39+00:00",
      "revision_history": [
        {
          "date": "2014-09-11T21:18:39+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2014-09-11T21:18:39+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T08:26:49+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Subscription Asset Manager for RHEL 6 Server",
                "product": {
                  "name": "Red Hat Subscription Asset Manager for RHEL 6 Server",
                  "product_id": "6Server-SubscriptionAssetManager14",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:rhel_sam:1.4::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Subscription Asset Manager"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "katello-configure-0:1.4.5.1-3.el6sam.src",
                "product": {
                  "name": "katello-configure-0:1.4.5.1-3.el6sam.src",
                  "product_id": "katello-configure-0:1.4.5.1-3.el6sam.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/katello-configure@1.4.5.1-3.el6sam?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "katello-configure-0:1.4.5.1-3.el6sam.noarch",
                "product": {
                  "name": "katello-configure-0:1.4.5.1-3.el6sam.noarch",
                  "product_id": "katello-configure-0:1.4.5.1-3.el6sam.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/katello-configure@1.4.5.1-3.el6sam?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "katello-configure-0:1.4.5.1-3.el6sam.noarch as a component of Red Hat Subscription Asset Manager for RHEL 6 Server",
          "product_id": "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.noarch"
        },
        "product_reference": "katello-configure-0:1.4.5.1-3.el6sam.noarch",
        "relates_to_product_reference": "6Server-SubscriptionAssetManager14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "katello-configure-0:1.4.5.1-3.el6sam.src as a component of Red Hat Subscription Asset Manager for RHEL 6 Server",
          "product_id": "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.src"
        },
        "product_reference": "katello-configure-0:1.4.5.1-3.el6sam.src",
        "relates_to_product_reference": "6Server-SubscriptionAssetManager14"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-3120",
      "cwe": {
        "id": "CWE-749",
        "name": "Exposed Dangerous Method or Function"
      },
      "discovery_date": "2014-07-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1124252"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that the default configuration of Elasticsearch enabled dynamic scripting, allowing a remote attacker to execute arbitrary MVEL expressions and Java code via the source parameter passed to _search.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "elasticsearch: remote code execution flaw via dynamic scripting",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "On Subscription Asset Manager (SAM) 1, the elasticsearch service is only bound to the loopback interface by default. To exploit this issue on a SAM 1 system, an attacker must have local access to the system. On Red Hat JBoss Fuse and Red Hat JBoss A-MQ, the elasticsearch service is only started if the insight-elasticsearch feature is installed. This feature is not installed by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.noarch",
          "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "RHBZ#1124252",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1124252"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3120",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/1191453",
          "url": "https://access.redhat.com/solutions/1191453"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2013-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2014-09-11T21:18:39+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied. After updating, run the\n\"katello-configure\" command to apply the needed configuration changes.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.noarch",
            "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2014:1186"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.noarch",
            "6Server-SubscriptionAssetManager14:katello-configure-0:1.4.5.1-3.el6sam.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2022-03-25T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "elasticsearch: remote code execution flaw via dynamic scripting"
    }
  ]
}

GSD-2014-3120

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-3120

Aliases

CVE-2014-3120

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-3120",
    "description": "The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search.  NOTE: this only violates the vendor\u0027s intended security policy if the user does not run Elasticsearch in its own independent virtual machine.",
    "id": "GSD-2014-3120",
    "references": [
      "https://access.redhat.com/errata/RHSA-2014:1186",
      "https://access.redhat.com/errata/RHSA-2014:1171",
      "https://access.redhat.com/errata/RHSA-2014:1170",
      "https://packetstormsecurity.com/files/cve/CVE-2014-3120"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-3120"
      ],
      "details": "The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search.  NOTE: this only violates the vendor\u0027s intended security policy if the user does not run Elasticsearch in its own independent virtual machine.",
      "id": "GSD-2014-3120",
      "modified": "2023-12-13T01:22:53.631698Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2014-3120",
      "dateAdded": "2022-03-25",
      "dueDate": "2022-04-15",
      "product": "Elasticsearch",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.",
      "vendorProject": "Elastic",
      "vulnerabilityName": "Elasticsearch Remote Code Execution Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-3120",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search.  NOTE: this only violates the vendor\u0027s intended security policy if the user does not run Elasticsearch in its own independent virtual machine."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.elastic.co/blog/logstash-1-4-3-released",
            "refsource": "CONFIRM",
            "url": "https://www.elastic.co/blog/logstash-1-4-3-released"
          },
          {
            "name": "33370",
            "refsource": "EXPLOIT-DB",
            "url": "http://www.exploit-db.com/exploits/33370"
          },
          {
            "name": "67731",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/67731"
          },
          {
            "name": "106949",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/106949"
          },
          {
            "name": "http://bouk.co/blog/elasticsearch-rce/",
            "refsource": "MISC",
            "url": "http://bouk.co/blog/elasticsearch-rce/"
          },
          {
            "name": "http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce",
            "refsource": "MISC",
            "url": "http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce"
          },
          {
            "name": "https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch",
            "refsource": "MISC",
            "url": "https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch"
          },
          {
            "name": "https://www.elastic.co/community/security/",
            "refsource": "CONFIRM",
            "url": "https://www.elastic.co/community/security/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.1.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-3120"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search.  NOTE: this only violates the vendor\u0027s intended security policy if the user does not run Elasticsearch in its own independent virtual machine."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://bouk.co/blog/elasticsearch-rce/",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://bouk.co/blog/elasticsearch-rce/"
            },
            {
              "name": "33370",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.exploit-db.com/exploits/33370"
            },
            {
              "name": "https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch"
            },
            {
              "name": "106949",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/106949"
            },
            {
              "name": "67731",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/67731"
            },
            {
              "name": "http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce"
            },
            {
              "name": "https://www.elastic.co/blog/logstash-1-4-3-released",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.elastic.co/blog/logstash-1-4-3-released"
            },
            {
              "name": "https://www.elastic.co/community/security/",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.elastic.co/community/security/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2016-12-06T18:13Z",
      "publishedDate": "2014-07-28T19:55Z"
    }
  }
}

GHSA-MRFM-JXGF-2H6V

Vulnerability from github – Published: 2022-05-17 03:28 – Updated: 2025-10-22 19:34

Summary

Elasticsearch Improper Access Control vulnerability

Details

The default configuration in Elasticsearch before 1.4.0.Beta1 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.

Severity ?

8.1 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.elasticsearch:elasticsearch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.4.0.Beta1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2014-3120"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-01-06T22:28:40Z",
    "nvd_published_at": "2014-07-28T19:55:00Z",
    "severity": "HIGH"
  },
  "details": "The default configuration in Elasticsearch before 1.4.0.Beta1 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search.  NOTE: this only violates the vendor\u0027s intended security policy if the user does not run Elasticsearch in its own independent virtual machine.",
  "id": "GHSA-mrfm-jxgf-2h6v",
  "modified": "2025-10-22T19:34:14Z",
  "published": "2022-05-17T03:28:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3120"
    },
    {
      "type": "WEB",
      "url": "https://github.com/elastic/elasticsearch/issues/7151"
    },
    {
      "type": "WEB",
      "url": "https://github.com/elastic/elasticsearch/pull/7642"
    },
    {
      "type": "WEB",
      "url": "https://github.com/elastic/elasticsearch/commit/bd0eb32d9c3c3f5b6e5f8630c859cd04bdcd4e06"
    },
    {
      "type": "WEB",
      "url": "https://github.com/elastic/elasticsearch/commit/f9de8b65898509e038e33215db0720b508477a12"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/elastic/elasticsearch"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20140813071419/http://www.securityfocus.com/bid/67731"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-3120"
    },
    {
      "type": "WEB",
      "url": "https://www.elastic.co/blog/logstash-1-4-3-released"
    },
    {
      "type": "WEB",
      "url": "https://www.elastic.co/community/security"
    },
    {
      "type": "WEB",
      "url": "https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch"
    },
    {
      "type": "WEB",
      "url": "http://bouk.co/blog/elasticsearch-rce"
    },
    {
      "type": "WEB",
      "url": "http://www.exploit-db.com/exploits/33370"
    },
    {
      "type": "WEB",
      "url": "http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Elasticsearch Improper Access Control vulnerability"
}

FKIE_CVE-2014-3120

Vulnerability from fkie_nvd - Published: 2014-07-28 19:55 - Updated: 2025-10-22 01:15

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Summary

References

URL	Tags
cve@mitre.org	http://bouk.co/blog/elasticsearch-rce/	Exploit
cve@mitre.org	http://www.exploit-db.com/exploits/33370	Exploit
cve@mitre.org	http://www.osvdb.org/106949	Broken Link
cve@mitre.org	http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce	Exploit, Third Party Advisory
cve@mitre.org	http://www.securityfocus.com/bid/67731	Exploit
cve@mitre.org	https://www.elastic.co/blog/logstash-1-4-3-released	Vendor Advisory
cve@mitre.org	https://www.elastic.co/community/security/	Vendor Advisory
cve@mitre.org	https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://bouk.co/blog/elasticsearch-rce/	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.exploit-db.com/exploits/33370	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/106949	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/67731	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://www.elastic.co/blog/logstash-1-4-3-released	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.elastic.co/community/security/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch	Exploit
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-3120

Impacted products

	Vendor	Product	Version
	elasticsearch	elasticsearch	*

JSON

To clipboard

{
  "cisaActionDue": "2022-04-15",
  "cisaExploitAdd": "2022-03-25",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Elasticsearch Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "985437E6-A916-4359-8EB6-45C35ABA0742",
              "versionEndExcluding": "1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search.  NOTE: this only violates the vendor\u0027s intended security policy if the user does not run Elasticsearch in its own independent virtual machine."
    },
    {
      "lang": "es",
      "value": "La configuraci\u00f3n por defecto en Elasticsearch anterior a 1.2 habilita secuencias de comandos din\u00e1micos, lo que permite a atacantes remotos ejecutar expresiones MVEL arbitrarias y c\u00f3digo Java a trav\u00e9s del par\u00e1metro source en _search. NOTA: esto solamente viola la pol\u00edtica de seguridad del proveedor si el usuario no hace funcionar Elasticsearch en su propia maquina virtual independiente."
    }
  ],
  "id": "CVE-2014-3120",
  "lastModified": "2025-10-22T01:15:56.260",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2014-07-28T19:55:04.490",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://bouk.co/blog/elasticsearch-rce/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/33370"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/106949"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/67731"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.elastic.co/blog/logstash-1-4-3-released"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.elastic.co/community/security/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://bouk.co/blog/elasticsearch-rce/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/33370"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/106949"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/67731"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.elastic.co/blog/logstash-1-4-3-released"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.elastic.co/community/security/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-3120"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-3120 (GCVE-0-2014-3120)

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Tags

Sightings

Nomenclature