CVE-2015-1427
Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability
The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands. Vendor/Product: Elastic Elasticsearch. Added to CISA KEV 2022-03-25; required action: Apply updates per vendor instructions.