CVE-2015-5377 is a vulnerability in Elasticsearch
Published on March 6, 2018
Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability
Products Associated with CVE-2015-5377
Want to know whenever a new CVE is published for Elasticsearch? stack.watch will email you.
Exploit Probability
EPSS
39.90%
Percentile
97.27%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.