{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-07-16T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-03-06T19:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736"}, {"name": "75938", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/75938"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-5377", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736", "refsource": "CONFIRM", "url": "https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736"}, {"name": "75938", "refsource": "BID", "url": "http://www.securityfocus.com/bid/75938"}, {"name": "https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2", "refsource": "MISC", "url": "https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2"}, {"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T06:50:00.835Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736"}, {"name": "75938", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/75938"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-5377", "datePublished": "2018-03-06T20:00:00.000Z", "dateReserved": "2015-07-06T00:00:00.000Z", "dateUpdated": "2024-08-06T06:50:00.835Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F9F3AAE-7689-4585-9FA9-9C90D87946A4", "versionEndExcluding": "1.6.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability"}, {"lang": "es", "value": "** EN DISPUTA ** Elasticsearch, en versiones anteriores a la 1.6.1, permite que atacantes remotos ejecuten c\u00f3digo arbitrario mediante vectores sin especificar relacionados con el protocolo de transporte. NOTA: aparentemente, ZDI sostiene que CVE-2015-3253 y CVE-2015-5377 son la misma vulnerabilidad."}], "id": "CVE-2015-5377", "lastModified": "2024-11-21T02:32:54.863", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-03-06T20:29:00.390", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/75938"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/75938"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/elastic/elasticsearch/commit/bf3052d14c874aead7da8855c5fcadf5428a43f2"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "elasticsearch: unspecified remote code execution vulnerability", "id": "1244236", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1244236"}, "csaw": false, "cvss": {"cvss_base_score": "3.3", "cvss_scoring_vector": "AV:L/AC:M/Au:N/C:P/I:P/A:N", "status": "draft"}, "details": ["Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability"], "mitigation": {"lang": "en:us", "value": "For Satellite 6.x and Sam 1.x you can simply firewall elasticsearch to trusted users only (e.g. root, katello, foreman). For instructions on this please see:\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Satellite/6.0/html-single/Installation_Guide/index.html#sect-Red_Hat_Satellite-Installation_Guide-Red_Hat_Satellite_Installation-Configuring_Red_Hat_Satellite_Manually"}, "name": "CVE-2015-5377", "package_state": [{"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Will not fix", "package_name": "elasticsearch", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:rhel_sam:1", "fix_state": "Will not fix", "package_name": "elasticsearch", "product_name": "Red Hat Subscription Asset Manager"}], "public_date": "2015-07-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-5377\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-5377"], "statement": "This issue affects the versions of elasticsearch as shipped with Red Hat Satellite 6.x and Subscription Asset Manager 1.x. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Low"}

{}