CVE-2023-28389

Risk Scores

Affected Products

Exploit Intelligence

• Java deserialization exploit for elasticsearch 1.5.2 CVE-2015-5377 (github-poc)
• Java deserialization exploit for elasticsearch 1.5.2 CVE-2015-5377 (github-poc)
• Java deserialization exploit for elasticsearch 1.5.2 CVE-2015-5377 (github-poc)
• Java deserialization exploit for elasticsearch 1.5.2 CVE-2015-5377 (github-poc)
• Java deserialization exploit for elasticsearch 1.5.2 CVE-2015-5377 (github-poc)
• Java deserialization exploit for elasticsearch 1.5.2 CVE-2015-5377 (github-poc)
• To test elasticsearch vulnerabillity on newer version of debian (github-poc)
• To test elasticsearch vulnerabillity on newer version of debian (github-poc)
• To test elasticsearch vulnerabillity on newer version of debian (github-poc)
• To test elasticsearch vulnerabillity on newer version of debian (github-poc)

…and 209 more exploits

Timeline

• Jun 28, 2021 PoC Published
• Dec 11, 2021 PoC Published
• Dec 13, 2021 PoC Published
• Dec 18, 2021 PoC Published
• Jun 7, 2022 PoC Published
• Sep 16, 2022 PoC Published
• Nov 21, 2023 PoC Published
• Dec 8, 2023 PoC Published
• Dec 11, 2023 PoC Published
• Mar 1, 2024 PoC Published
• Mar 12, 2024 CVE Published
• Mar 15, 2024 EPSS Score

References

• https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0624.json advisory
• https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0624 advisory
• https://www.dell.com/support/kbdoc/000223008/dsa-2024-= advisory
• https://support.lenovo.com/us/en/product_security/LEN-142128 advisory
• https://www.dell.com/support/kbdoc/000217983/dsa-2023-= advisory
• https://www.dell.com/support/kbdoc/de-de/000222891/dsa-2024-005-security-update-for-dell-poweredge-server-for-intel-march-2024-security-advisories-2024-1-ipu advisory
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html advisory
• https://support.hp.com/us-en/document/ish_10301013-10301054-16/HPSBHF03926 advisory