Signature Detail

APP: Elastic Elasticsearch ThrowableObjectInputStream Insecure Deserialization

This signature detects attempts to exploit a known vulnerability in Elastic Elasticsearch. Successful exploitation could result in arbitrary code execution with the privileges of the affected java process.

Extended Description

** DISPUTED ** Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability.

Affected Products

• Elastic elasticsearch 0.10.0
• Elastic elasticsearch 0.11.0
• Elastic elasticsearch 0.12.0
• Elastic elasticsearch 0.12.1
• Elastic elasticsearch 0.13.0
• Elastic elasticsearch 0.13.1
• Elastic elasticsearch 0.14.0
• Elastic elasticsearch 0.14.1
• Elastic elasticsearch 0.14.2
• Elastic elasticsearch 0.14.3
• Elastic elasticsearch 0.14.4
• Elastic elasticsearch 0.15.0
• Elastic elasticsearch 0.15.1
• Elastic elasticsearch 0.15.2
• Elastic elasticsearch 0.16.0
• Elastic elasticsearch 0.16.1
• Elastic elasticsearch 0.16.2
• Elastic elasticsearch 0.16.3
• Elastic elasticsearch 0.16.4
• Elastic elasticsearch 0.16.5
• Elastic elasticsearch 0.17.0
• Elastic elasticsearch 0.17.1
• Elastic elasticsearch 0.17.10
• Elastic elasticsearch 0.17.2
• Elastic elasticsearch 0.17.3
• Elastic elasticsearch 0.17.4
• Elastic elasticsearch 0.17.5
• Elastic elasticsearch 0.17.6
• Elastic elasticsearch 0.17.7
• Elastic elasticsearch 0.17.8
• Elastic elasticsearch 0.17.9
• Elastic elasticsearch 0.18.0
• Elastic elasticsearch 0.18.1
• Elastic elasticsearch 0.18.2
• Elastic elasticsearch 0.18.3
• Elastic elasticsearch 0.18.4
• Elastic elasticsearch 0.18.5
• Elastic elasticsearch 0.18.6
• Elastic elasticsearch 0.18.7
• Elastic elasticsearch 0.19.0
• Elastic elasticsearch 0.19.1
• Elastic elasticsearch 0.19.10
• Elastic elasticsearch 0.19.11
• Elastic elasticsearch 0.19.12
• Elastic elasticsearch 0.19.2
• Elastic elasticsearch 0.19.3
• Elastic elasticsearch 0.19.4
• Elastic elasticsearch 0.19.5
• Elastic elasticsearch 0.19.6
• Elastic elasticsearch 0.19.7
• Elastic elasticsearch 0.19.8
• Elastic elasticsearch 0.19.9
• Elastic elasticsearch 0.20.0
• Elastic elasticsearch 0.20.1
• Elastic elasticsearch 0.20.2
• Elastic elasticsearch 0.20.3
• Elastic elasticsearch 0.20.4
• Elastic elasticsearch 0.20.5
• Elastic elasticsearch 0.20.6
• Elastic elasticsearch 0.4.0
• Elastic elasticsearch 0.5.0
• Elastic elasticsearch 0.5.1
• Elastic elasticsearch 0.6.0
• Elastic elasticsearch 0.7.0
• Elastic elasticsearch 0.7.1
• Elastic elasticsearch 0.8.0
• Elastic elasticsearch 0.9.0
• Elastic elasticsearch 0.90.0
• Elastic elasticsearch 0.90.1
• Elastic elasticsearch 0.90.10
• Elastic elasticsearch 0.90.11
• Elastic elasticsearch 0.90.12
• Elastic elasticsearch 0.90.13
• Elastic elasticsearch 0.90.2
• Elastic elasticsearch 0.90.3
• Elastic elasticsearch 0.90.4
• Elastic elasticsearch 0.90.5
• Elastic elasticsearch 0.90.6
• Elastic elasticsearch 0.90.7
• Elastic elasticsearch 0.90.8
• Elastic elasticsearch 0.90.9
• Elastic elasticsearch 1.0.0
• Elastic elasticsearch 1.0.1
• Elastic elasticsearch 1.0.2
• Elastic elasticsearch 1.0.3
• Elastic elasticsearch 1.1.0
• Elastic elasticsearch 1.1.1
• Elastic elasticsearch 1.1.2
• Elastic elasticsearch 1.2.0
• Elastic elasticsearch 1.2.1
• Elastic elasticsearch 1.2.2
• Elastic elasticsearch 1.2.3
• Elastic elasticsearch 1.2.4
• Elastic elasticsearch 1.3.0
• Elastic elasticsearch 1.3.1
• Elastic elasticsearch 1.3.2
• Elastic elasticsearch 1.3.3
• Elastic elasticsearch 1.3.4
• Elastic elasticsearch 1.3.5
• Elastic elasticsearch 1.3.6
• Elastic elasticsearch 1.3.7
• Elastic elasticsearch 1.3.8
• Elastic elasticsearch 1.3.9
• Elastic elasticsearch 1.4.0
• Elastic elasticsearch 1.4.1
• Elastic elasticsearch 1.4.2
• Elastic elasticsearch 1.4.3
• Elastic elasticsearch 1.4.4
• Elastic elasticsearch 1.4.5
• Elastic elasticsearch 1.5.0
• Elastic elasticsearch 1.5.1
• Elastic elasticsearch 1.5.2
• Elastic elasticsearch 1.6.0

References

• CVE: CVE-2015-5377