Directory traversal vulnerability in Elasticsearch via unspecified vectors (dpkg)ID: oval:org.secpod.oval:def:24270 | Date: (C)2015-05-06 (M)2021-06-06 |
Class: VULNERABILITY | Family: unix |
The host is installed with Elasticsearch 1.4.x before 1.4.5 or 1.5.x before 1.5.2 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to read arbitrary files.
Platform: |
Debian 7 |
Ubuntu 12.04 |
Ubuntu 14.04 |
Ubuntu 14.10 |
Ubuntu 15.04 |