cbcvebase.
CVE-2015-4152
published 2015-06-15

CVE-2015-4152: Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via…

PriorityP338medium6.4CVSS 2.0
AVNACLAuNCNIPAP
EPSS
3.03%
85.8th percentile
Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option.

Affected

1 ranges
VendorProductVersion rangeFixed in
elasticlogstash<= 1.4.2
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.