-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.elasticsearch:elasticsearch | maven | < 1.4.0.Beta1 | 1.4.0.Beta1 |
Miggo AIRoot Cause AnalysisThe vulnerability stems from Elasticsearch's default enablement of dynamic scripting (MVEL) prior to 1.4.0.Beta1. The ScriptService.execute function is directly responsible for evaluating user-provided scripts, and RestSearchAction.parseRequest handles incoming search requests containing these scripts. The combination of these functions being accessible via the _search endpoint with default insecure configurations creates the RCE vector. The GitHub patch focuses on CORS hardening, but the core vulnerability resides in script execution logic, as confirmed by CVE descriptions and exploit PoCs demonstrating script injection via the 'source' parameter.
JavaJavaKEV Misses 88% of Exploited CVEs- Get the report