Exposures › CVE-2014-3120
CVE-2014-3120
Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2022-03-25
Reference
⚡ RCE
⌖ exploited in the wild
shame 65/100
rceexploited-in-wild
Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.
Players implicated
Description
Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.
Affected FedRAMP products 1 in the catalog
| Product | Provider | Status | Match |
|---|---|---|---|
| Elastic Cloud | Elastic | Authorized | vendor-exact · 0.90 |