CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4152

Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.7%

CVSS Severity

CVSS v2 Score 6.4

References

Products affected by CVE-2015-4152

Elastic » Logstash » Version: 1.0.0

cpe:2.3:a:elastic:logstash:1.0.0
Elastic » Logstash » Version: 1.0.1

cpe:2.3:a:elastic:logstash:1.0.1
Elastic » Logstash » Version: 1.0.10

cpe:2.3:a:elastic:logstash:1.0.10
Elastic » Logstash » Version: 1.0.11

cpe:2.3:a:elastic:logstash:1.0.11
Elastic » Logstash » Version: 1.0.12

cpe:2.3:a:elastic:logstash:1.0.12
Elastic » Logstash » Version: 1.0.14

cpe:2.3:a:elastic:logstash:1.0.14
Elastic » Logstash » Version: 1.0.15

cpe:2.3:a:elastic:logstash:1.0.15
Elastic » Logstash » Version: 1.0.16

cpe:2.3:a:elastic:logstash:1.0.16
Elastic » Logstash » Version: 1.0.17

cpe:2.3:a:elastic:logstash:1.0.17
Elastic » Logstash » Version: 1.0.4

cpe:2.3:a:elastic:logstash:1.0.4
Elastic » Logstash » Version: 1.0.5

cpe:2.3:a:elastic:logstash:1.0.5
Elastic » Logstash » Version: 1.0.6

cpe:2.3:a:elastic:logstash:1.0.6
Elastic » Logstash » Version: 1.0.7

cpe:2.3:a:elastic:logstash:1.0.7
Elastic » Logstash » Version: 1.0.9

cpe:2.3:a:elastic:logstash:1.0.9
Elastic » Logstash » Version: 1.1.0

cpe:2.3:a:elastic:logstash:1.1.0
Elastic » Logstash » Version: 1.1.0.1

cpe:2.3:a:elastic:logstash:1.1.0.1
Elastic » Logstash » Version: 1.1.1

cpe:2.3:a:elastic:logstash:1.1.1
Elastic » Logstash » Version: 1.1.10

cpe:2.3:a:elastic:logstash:1.1.10
Elastic » Logstash » Version: 1.1.11

cpe:2.3:a:elastic:logstash:1.1.11
Elastic » Logstash » Version: 1.1.12

cpe:2.3:a:elastic:logstash:1.1.12
Elastic » Logstash » Version: 1.1.13

cpe:2.3:a:elastic:logstash:1.1.13
Elastic » Logstash » Version: 1.1.2

cpe:2.3:a:elastic:logstash:1.1.2
Elastic » Logstash » Version: 1.1.3

cpe:2.3:a:elastic:logstash:1.1.3
Elastic » Logstash » Version: 1.1.4

cpe:2.3:a:elastic:logstash:1.1.4
Elastic » Logstash » Version: 1.1.5

cpe:2.3:a:elastic:logstash:1.1.5
Elastic » Logstash » Version: 1.1.6

cpe:2.3:a:elastic:logstash:1.1.6
Elastic » Logstash » Version: 1.1.7

cpe:2.3:a:elastic:logstash:1.1.7
Elastic » Logstash » Version: 1.1.8

cpe:2.3:a:elastic:logstash:1.1.8
Elastic » Logstash » Version: 1.1.9

cpe:2.3:a:elastic:logstash:1.1.9
Elastic » Logstash » Version: 1.2.0

cpe:2.3:a:elastic:logstash:1.2.0
Elastic » Logstash » Version: 1.2.1

cpe:2.3:a:elastic:logstash:1.2.1
Elastic » Logstash » Version: 1.2.2

cpe:2.3:a:elastic:logstash:1.2.2
Elastic » Logstash » Version: 1.3.0

cpe:2.3:a:elastic:logstash:1.3.0
Elastic » Logstash » Version: 1.3.1

cpe:2.3:a:elastic:logstash:1.3.1
Elastic » Logstash » Version: 1.3.2

cpe:2.3:a:elastic:logstash:1.3.2
Elastic » Logstash » Version: 1.3.3

cpe:2.3:a:elastic:logstash:1.3.3
Elastic » Logstash » Version: 1.4.0

cpe:2.3:a:elastic:logstash:1.4.0
Elastic » Logstash » Version: 1.4.1

cpe:2.3:a:elastic:logstash:1.4.1
Elastic » Logstash » Version: 1.4.2

cpe:2.3:a:elastic:logstash:1.4.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4152

Products

Pricing

Contact Us