Lucene search
HistoryJun 15, 2015 - 3:59 p.m.
CVE-2015-4152
cve-2015-4152
directory traversal
vulnerability
elasticsearch
logstash
remote attackers
arbitrary files
dynamic field references
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.8%
Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option.
Affected configurations
Node
elasticlogstashRange≤1.4.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| elastic:logstash | elastic logstash | le | 1.4.2 |
Related
nessus
nessus
FreeBSD : logstash -- Directory traversal vulnerability in the file output plugin (24bde04f-1a10-11e5-b43d-002590263bf5)
2015-06-25 00:00:00
Logstash ESA-2015-04
2018-12-06 00:00:00
nvd
nvd
CVE-2015-4152
2015-06-15 15:59:11
zdt
zdt
Logstash 1.4.2 Directory Traversal Vulnerability
2015-06-10 00:00:00
openvas
openvas
Elastic Logstash 'CVE-2015-4152' Directory Traversal Vulnerability - Linux
2016-06-28 00:00:00
Elastic Logstash 'CVE-2015-4152' Directory Traversal Vulnerability
2016-06-23 00:00:00
prion
prion
Directory traversal
2015-06-15 15:59:00
freebsd
freebsd
logstash -- Directory traversal vulnerability in the file output plugin
2015-06-09 00:00:00
cvelist
cvelist
CVE-2015-4152
2015-06-15 15:00:00
securityvulns
securityvulns
Logstash vulnerability CVE-2015-4152
2015-06-14 00:00:00
Elastic Logstash directory traversal
2015-07-27 00:00:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.8%
Related for CVE-2015-4152