Lucene search

PRIOn knowledge basePRION:CVE-2015-4152

HistoryJun 15, 2015 - 3:59 p.m.

Directory traversal

2015-06-1515:59:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.8%

JSON

Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option.

CPENameOperatorVersion
logstashle1.4.2

CPE	Name	Operator	Version
	logstash	le	1.4.2

References

packetstormsecurity.com/files/132233/Logstash-1.4.2-Directory-Traversal.html

www.securityfocus.com/archive/1/535725/100/0/threaded

www.elastic.co/blog/logstash-1-4-3-released

www.elastic.co/community/security/