CVE-2015-4152

Currently unrated

Key Information:

Vendor: Elastic
Status: Logstash
Vendor: CVE Published:; 15 June 2015

Summary

Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option.

References

http://www.securityfocus.com/archive/1/535725/100/0/threaded

mailing-listx_refsource_BUGTRAQ

https://www.elastic.co/blog/logstash-1-4-3-released

x_refsource_CONFIRM

http://packetstormsecurity.com/files/132233/Logstash-1.4....

x_refsource_MISC

Timeline

Vulnerability published
Jun 15, 2015
Vulnerability Reserved
Jun 1, 2015