CVE-2015-5377

CRITICAL

Elasticsearch <1.6.1 - RCE

Title source: llm

Description

Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability

Exploits (1)

nomisec WORKING POC 3 stars

by fi3ro · poc

https://github.com/fi3ro/CVE-2015-5377

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/75938

[Third Party Advisory, VDB Entry] http://www.zerodayinitiative.com/advisories/ZDI-15-365/

[Vendor Advisory] https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736

[Patch, Third Party Advisory] https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2

Scores

CVSS v3 9.8

EPSS 0.3990

EPSS Percentile 97.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-74

Status published

Products (1)

elastic/elasticsearch < 1.6.1

Published Mar 06, 2018

Tracked Since Feb 18, 2026