Lucene search
GitHub Advisory DatabaseGHSA-X8Q8-4HP5-463WHistoryMay 17, 2022 - 4:12 a.m.
Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch
2022-05-1704:12:25
CWE-22
GitHub Advisory Database
github.com
5
0.962 High
EPSS
Percentile
99.5%
Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.elasticsearch:elasticsearch | le | 1.5.1 | |
| org.elasticsearch:elasticsearch | le | 1.4.4 |
Related
nessus
nessus
osv
osv
elasticsearch - security update
2015-04-29 00:00:00
Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch
2022-05-17 04:12:25
freebsd
freebsd
elasticsearch -- directory traversal attack with site plugins
2015-04-27 00:00:00
ubuntucve
ubuntucve
CVE-2015-3337
2015-05-01 00:00:00
openvas
openvas
Debian Security Advisory DSA 3241-1 (elasticsearch - security update)
2015-04-29 00:00:00
Debian: Security Advisory (DSA-3241-1)
2015-04-28 00:00:00
Elasticsearch Directory Traversal Vulnerability
2015-05-05 00:00:00
exploitpack
exploitpack
ElasticSearch 1.4.5 1.5.2 - Directory Traversal
2015-05-18 00:00:00
cvelist
cvelist
CVE-2015-3337
2015-05-01 15:00:00
securityvulns
securityvulns
Elasticsearch vulnerability CVE-2015-3337
2015-05-05 00:00:00
Elasticsearch directory traversal
2015-05-05 00:00:00
[SECURITY] [DSA 3241-1] elasticsearch security update
2015-05-05 00:00:00
packetstorm
packetstorm
ElasticSearch Directory Traversal Proof Of Concept
2015-05-01 00:00:00
prion
prion
Directory traversal
2015-05-01 15:59:00
debian
debian
[SECURITY] [DSA 3241-1] elasticsearch security update
2015-04-29 20:33:18
cve
cve
CVE-2015-3337
2015-05-01 15:59:00
nuclei
nuclei
Elasticsearch - Local File Inclusion
2021-03-24 20:51:43
exploitdb
exploitdb
ElasticSearch < 1.4.5 / < 1.5.2 - Directory Traversal
2015-05-18 00:00:00