elasitcsearch漏洞在线检测工具

ZoomEye发布 ElasticSearch 远程代码执行漏洞(CVE-2014-3120) 全球分布:http://www.zoomeye.org/lab/es ElasticSearch 是一个广泛使用的数据库,在默认配置情况下,攻击者可以发送一个恶意请求让服务器执行 Java 代码,从而获取数据库敏感信息甚至发起更深入的攻击。在线漏洞检测:http://tool.scanv.com/es.html


Elasticsearch is a powerful open source search and analytics engine. The vulnerability allows attackers read from or append to files on the system hosting ElasticSearch database, could lead to sensitive information disclosure or further attack. Not sured if your ES is vulnerable? Inspect your server with SCANV now.

你可能感兴趣的:(搜索)