Yes, it's years out of date, but there's no such thing as security through obscurity

Cisco's security limb has spotted nefarious people targeting Elasticsearch clusters using relatively ancient vulns to plant malware, cryptocurrency miners and worse – though it does root out some other cybercrims’ dodgy wares, cuckoo-style.

"These attackers are targeting clusters using versions 1.4.2 and lower," said the networking giant's infosec arm, Talos, in a post summarising what its honeypot setup had caught for examination.

The seemingly China-based attackers used two known vulnerabilities in Elasticsearch – listed as CVEs in 2014 and 2015 respectively – to pass scripts to search queries, Talos said, allowing them further access to the old machines to drop a payload of their choice.

Elasticsearch version 1.4.2 was first released in December 2014.

"These attacks leverage CVE-2014-3120 and CVE-2015-1427," said the security research outfit.
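A defender-side triage sketch for the two points above (the targeted version range, and scripts passed in search queries), added here as an example and not taken from Talos or the article. It assumes the cluster's `GET /` response reports `version.number`, that request logs are available as records with hypothetical `src`, `path` and `body` fields, and that any body key mentioning "script" deserves review; all sample data is constructed.

```python
import json
import re

TARGETED_MAX = (1, 4, 2)  # Talos: "versions 1.4.2 and lower"

def version_tuple(number):
    """Leading major.minor.patch of a version string such as '1.4.0.Beta1'."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", number)
    if not m:
        raise ValueError(f"unrecognised version: {number!r}")
    return tuple(int(p) for p in m.groups())

def in_targeted_range(root_response):
    """True if the JSON body of GET / reports a version at or below 1.4.2."""
    number = json.loads(root_response)["version"]["number"]
    return version_tuple(number) <= TARGETED_MAX

def script_paths(node, path="$"):
    """Paths of every key in a parsed body whose name mentions 'script'."""
    hits = []
    if isinstance(node, dict):
        for key, value in node.items():
            here = f"{path}.{key}"
            if "script" in key.lower():
                hits.append(here)
            hits.extend(script_paths(value, here))
    elif isinstance(node, list):
        for i, value in enumerate(node):
            hits.extend(script_paths(value, f"{path}[{i}]"))
    return hits

def flag_search_requests(records):
    """Yield (source, paths) for _search requests whose body carries a script."""
    for rec in records:
        if "_search" not in rec["path"]:
            continue
        try:
            body = json.loads(rec["body"] or "{}")
        except json.JSONDecodeError:
            yield rec["src"], ["<unparseable body>"]  # review by hand
            continue
        paths = script_paths(body)
        if paths:
            yield rec["src"], paths

# Constructed sample data (not from the Talos post); the script value is inert.
SAMPLE_ROOT = '{"name": "node-1", "version": {"number": "1.4.2"}}'
SAMPLE_REQUESTS = [
    {"src": "192.0.2.10", "path": "/logs/_search", "body": '{"query": {"match_all": {}}}'},
    {"src": "198.51.100.7", "path": "/_search", "body": '{"size": 1, "script_fields": {"f": {"script": "1+1"}}}'},
    {"src": "203.0.113.5", "path": "/_search", "body": '{"query": '},
]
```

A hit from `flag_search_requests` is a prompt for review, not proof of compromise: legitimate applications on old clusters may also send scripted queries.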

