ElasticSearch is a JAVA development of search engine analysis. In 2014, had been discovered over a remote code execution vulnerability (CVE-2014-3120), loopholes in the script to query module, because the search engine supports the use of scripting code (MVEL), as an expression for data manipulation, an attacker could MVEL java code to execute arbitrary structure, then the scripting language engine replaced Groovy, and joined the sandbox controlled dangerous code will be blocked, the results of this due to the sandbox restrictions are not strict, lead to remote code execution, currently not online see open poc, after some research and found that the use patterns, let's look at how the vulnerability is generated.
more here, so make use of whatever translation software you find somewhat effective, as this is in Chinese .......http://drops.wooyun.org/papers/5107
more here, so make use of whatever translation software you find somewhat effective, as this is in Chinese .......http://drops.wooyun.org/papers/5107