Vulnerability Details : CVE-2015-4165
The snapshot API in Elasticsearch before 1.6.0 when another application exists on the system that can read Lucene files and execute code from them, is accessible by the attacker, and the Java VM on which Elasticsearch is running can write to a location that the other application can read and execute from, allows remote authenticated users to write to and create arbitrary snapshot metadata files, and potentially execute arbitrary code.
Vulnerability category: Execute code
Products affected by CVE-2015-4165
- cpe:2.3:a:elasticsearch:elasticsearch:1.5.2:*:*:*:*:*:*:*
Threat overview for CVE-2015-4165
Top countries where our scanners detected CVE-2015-4165
Top open port discovered on systems with this issue
9200
IPs affected by CVE-2015-4165 266
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2015-4165!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2015-4165
1.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 84 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-4165
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.0
|
MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:P |
6.8
|
6.4
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.6
|
5.9
|
NIST |
CWE ids for CVE-2015-4165
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-4165
-
http://www.securityfocus.com/archive/1/536855/100/0/threaded
SecurityFocus
-
http://www.securityfocus.com/archive/1/535727/100/0/threaded
SecurityFocus
-
https://bugzilla.redhat.com/show_bug.cgi?id=1230761
1230761 – (CVE-2015-4165) CVE-2015-4165 elasticsearch: unspecified arbitrary files modification vulnerabilityIssue Tracking;Third Party Advisory
-
https://www.elastic.co/community/security/
Elastic Stack Security Disclosures · Report Issues | ElasticVendor Advisory
-
http://www.securityfocus.com/bid/75113
Elasticsearch CVE-2015-4165 Arbitrary Code Execution VulnerabilityMitigation;Third Party Advisory;VDB Entry
-
http://packetstormsecurity.com/files/132234/Elasticsearch-1.5.2-File-Creation.html
Elasticsearch 1.5.2 File Creation ≈ Packet StormThird Party Advisory;VDB Entry
Jump to