Описание
Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.4.2 (включая)
cpe:2.3:a:elastic:logstash:*:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00629
Низкий
6.4 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
debian
больше 10 лет назад
Directory traversal vulnerability in the file output plugin in Elastic ...
github
больше 3 лет назад
Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option.
EPSS
Процентиль: 70%
0.00629
Низкий
6.4 Medium
CVSS2
Дефекты
CWE-22