Directory Traversal Vulnerability in Elasticsearch Logstash by Elastic
CVE-2015-4152

Currently unrated

Key Information:

Vendor
Elastic
Status
Vendor
CVE Published:
15 June 2015

Summary

A directory traversal vulnerability exists in the file output plugin of Elasticsearch Logstash prior to version 1.4.3. This vulnerability permits remote attackers to manipulate file paths through dynamic field references, potentially allowing them to write to arbitrary files on the server. Successful exploitation poses a significant risk as it could lead to unauthorized access or corruption of data.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.