THREAT OPS › CVEs › CVE-2014-3120
CVE-2014-3120 — Elasticsearch Remote Code Execution Vulnerability
Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.
Vulnerability details
- Affected productsElasticsearch
- KEV remediation due2022-04-15