CVE-2015-5531

🗓️ 17 Aug 2015 15:00:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 145 Views🌐 WEB

CVE-2015-5531 Directory Traversal Vulnerability in Elasticsearc

Reporter	Title	Published	Views	Family All 28
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Business Process Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator	17 Jun 201822:30	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in Elasticsearch might affect Process Federation Server in IBM Business Process Manager (BPM) - CVE-2015-5531, CVE-2015-5377	15 Jun 201807:03	–	ibm
0day.today	ElasticSearch 1.6.0 - Arbitrary File Download Vulnerability	2 Oct 201500:00	–	zdt
FreeBSD	elasticsearch -- directory traversal attack via snapshot API	16 Jul 201500:00	–	freebsd
Circl	CVE-2015-5531	29 May 201815:50	–	circl
CNVD	Elasticsearch Directory Traversal Vulnerability	22 Jul 201500:00	–	cnvd
Check Point Advisories	Elastic Elasticsearch Snapshot API Directory Traversal (CVE-2015-5531)	25 Sep 201700:00	–	checkpoint_advisories
Cvelist	CVE-2015-5531	17 Aug 201515:00	–	cvelist
Dsquare	Elasticsearch < 1.6.1 LFI	27 Aug 201600:00	–	dsquare
GithubExploit	Exploit for CVE-2015-1427	17 Dec 202510:07	–	githubexploit

NVD

Node

elasticsearch elasticsearchRange≤1.6.0

Source	Link
securityfocus	www.securityfocus.com/bid/75935
elastic	www.elastic.co/community/security/
securityfocus	www.securityfocus.com/archive/1/536017/100/0/threaded
packetstormsecurity	www.packetstormsecurity.com/files/133964/ElasticSearch-Snapshot-API-Directory-Traversal.html
packetstormsecurity	www.packetstormsecurity.com/files/132721/Elasticsearch-Directory-Traversal.html
exploit-db	www.exploit-db.com/exploits/38383/
packetstormsecurity	www.packetstormsecurity.com/files/133797/ElasticSearch-Path-Traversal-Arbitrary-File-Download.html

Parameter	Position	Path	Description	CWE
type	path	_snapshot/pwn	Directory traversal via Elasticsearch Snapshot API by crafting traversal payloads in POST to /_snapshot/pwn.	CWE-22
settings	path	_snapshot/pwn	Directory traversal via Elasticsearch Snapshot API by crafting traversal payloads in POST to /_snapshot/pwn.	CWE-22
location	path	_snapshot/pwn	Directory traversal via Elasticsearch Snapshot API by crafting traversal payloads in POST to /_snapshot/pwn.	CWE-22
type	path	_snapshot/pwnie	Directory traversal via Elasticsearch Snapshot API by crafting traversal payloads in POST to /_snapshot/pwnie.	CWE-22
settings	path	_snapshot/pwnie	Directory traversal via Elasticsearch Snapshot API by crafting traversal payloads in POST to /_snapshot/pwnie.	CWE-22
location	path	_snapshot/pwnie	Directory traversal via Elasticsearch Snapshot API by crafting traversal payloads in POST to /_snapshot/pwnie.	CWE-22
DEPTH	path	_snapshot/pwn/ev1l%2f	GET traversal URL used to read arbitrary files through the Snapshot API by exploiting the traversal payload.	CWE-22
FILEPATH	path	_snapshot/pwn/ev1l%2f	GET traversal URL used to read arbitrary files through the Snapshot API by exploiting the traversal payload.	CWE-22

06 May 2026 22:30Current

9High risk

Vulners AI Score9

CVSS 25

EPSS0.92032

cve 2015 5531 directory traversal vulnerability elasticsearch remote attack arbitrary files snapshot api calls