Computer Security
[EN] securityvulns.ru no-pyccku


Elasticsearch directory traversal
Published:05.05.2015
Source:
SecurityVulns ID:14437
Type:remote
Threat Level:
6/10
Description:Directory traversal via requests to /_plugin
Affected:ELASTIC : Elasticsearch 1.5
CVE:CVE-2015-3337 (Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.)
Original documentdocumentKevin Kluge, Elasticsearch vulnerability CVE-2015-3337 (05.05.2015)
 documentDEBIAN, [SECURITY] [DSA 3241-1] elasticsearch security update (05.05.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod