Issue: Elasticsearch versions prior to 1.6.1 are vulnerable to an engineered attack on its transport protocol that enables remote code execution. This issue is related to the Groovy announcement in CVE-2015-3253.
Solution: Users that do not want to upgrade can address the vulnerability by securing the transport protocol port (default 9300) to allow access by only trusted agents.
Query: How can we secure the transport protocol port [default 9300] where ElasticSearch and ARis application are running on same server.
Hello Andre,
Thanks for your response.
The installed version of ElasticSearch is 1.4.2
The required version for removing the vulnerability is either 1.6.1 or 1.7.0
Now we do not want to upgrade the ElasticSearch or ARis application.
However, this vulnerability can also be removed by securing the transport protocol port [9300].
We want to remove the vulnerability following the alternative approach i.e. securing the transport protocol port [9300].
Can you please guide us the process to achive the same.
Hi Anushik,
Please check using this URL: http://localhost:19976/ ( on the Server ) and will see version... number... or http://<servername>:19976
BR
AO
This is what we got from the location shared by you.
It seems the version we have is 9.8.
Also can you please share with us your contact number or skype ID so that we can contact you once and make you understand the issue and you can provide us the solution if possible.