CVE-2015-3337

Public exploit
Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.
Max CVSS
4.3
EPSS Score
96.19%
Published
2015-05-01
Updated
2015-06-25
Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications between Logstash Forwarder agent and Logstash server.
Max CVSS
7.5
EPSS Score
0.34%
Published
2017-06-27
Updated
2019-06-17
Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a XSS attack.
Max CVSS
6.1
EPSS Score
0.09%
Published
2017-06-16
Updated
2020-08-14
Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials.
Max CVSS
6.5
EPSS Score
0.06%
Published
2017-06-16
Updated
2019-10-09
Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and can cause the Logstash process to exit.
Max CVSS
7.5
EPSS Score
0.24%
Published
2017-06-16
Updated
2019-10-09
With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions.
Max CVSS
6.5
EPSS Score
0.07%
Published
2017-06-16
Updated
2020-08-14
Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerability that would enable an attacker to craft a link in the Kibana domain that redirects to an arbitrary website.
Max CVSS
6.1
EPSS Score
0.09%
Published
2017-06-16
Updated
2020-10-19
Kibana versions after and including 4.3 and before 4.6.2 are vulnerable to a cross-site scripting (XSS) attack.
Max CVSS
6.1
EPSS Score
0.09%
Published
2017-06-16
Updated
2020-08-14
Kibana Reporting plugin version 2.4.0 is vulnerable to a CSRF vulnerability that could allow an attacker to generate superfluous reports whenever an authenticated Kibana user navigates to a specially-crafted page.
Max CVSS
8.8
EPSS Score
0.07%
Published
2017-06-16
Updated
2017-07-05
Kibana before 4.5.4 and 4.1.11 when a custom output is configured for logging in, cookies and authorization headers could be written to the log files. This information could be used to hijack sessions of other users when using Kibana behind some form of authentication such as Shield.
Max CVSS
7.5
EPSS Score
0.10%
Published
2017-06-16
Updated
2020-08-14
Kibana before 4.5.4 and 4.1.11 are vulnerable to an XSS attack that would allow an attacker to execute arbitrary JavaScript in users' browsers.
Max CVSS
6.1
EPSS Score
0.08%
Published
2017-06-16
Updated
2020-08-14
Logstash prior to version 2.3.4, Elasticsearch Output plugin would log to file HTTP authorization headers which could contain sensitive information.
Max CVSS
7.5
EPSS Score
0.12%
Published
2017-06-16
Updated
2019-06-17
Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will create malicious formulas in the CSV data.
Max CVSS
7.5
EPSS Score
0.10%
Published
2017-06-16
Updated
2019-06-17
Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the run_as functionality. This bug prevents transitioning into the specified user specified in a run_as request. If a role has been created using a template that contains the _user properties, the behavior of run_as will be incorrect. Additionally if the run_as user specified does not exist, the transition will not happen.
Max CVSS
8.8
EPSS Score
0.20%
Published
2017-06-05
Updated
2019-10-09
Kibana version 5.4.0 was affected by a Cross Site Scripting (XSS) bug in the Time Series Visual Builder. This bug could allow an attacker to obtain sensitive information from Kibana users.
Max CVSS
6.1
EPSS Score
0.14%
Published
2017-06-05
Updated
2020-08-14
Starting in version 5.3.0, Kibana had a cross-site scripting (XSS) vulnerability in the Discover page that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Max CVSS
6.1
EPSS Score
0.14%
Published
2017-06-05
Updated
2020-08-14
Elastic X-Pack Security versions prior to 5.4.1 and 5.3.3 did not always correctly apply Document Level Security to index aliases. This bug could allow a user with restricted permissions to view data they should not have access to when performing certain operations against an index alias.
Max CVSS
4.3
EPSS Score
0.07%
Published
2017-06-05
Updated
2019-10-09
Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, can result in the Elasticsearch _nodes API leaking sensitive configuration information, such as the paths and passphrases of SSL keys that were configured as part of an authentication realm. This could allow an authenticated Elasticsearch user to improperly view these details.
Max CVSS
6.5
EPSS Score
0.07%
Published
2017-07-07
Updated
2019-10-09
In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user opens a crafted Kibana URL the result could be a redirect to an improperly initialized Kibana login screen. If the user enters credentials on this screen, the credentials will appear in the URL bar. The credentials could then be viewed by untrusted parties or logged into the Kibana access logs.
Max CVSS
6.5
EPSS Score
0.17%
Published
2017-06-30
Updated
2020-10-19
An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If reloading the trust material fails the trust manager will be replaced with an instance that trusts all certificates. This could allow any node using any certificate to join a cluster. The proper behavior in this instance is for the TLS trust manager to deny all certificates.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-08-18
Updated
2019-10-09
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!