daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2015/CVE-2015-3337.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-06-06 17:10:51 -04:00
parent 1c50a82a1c
commit 913b1b3ae9
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cves/2015/CVE-2015-3337.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2015-3337
info:
name: Elasticsearch Head plugin LFI
name: Elasticsearch - Local File Inclusion
author: pdteam
severity: high
description: Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.
description: Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.
reference:
- https://www.exploit-db.com/exploits/37054/
- http://www.securityfocus.com/archive/1/535385
- https://www.elastic.co/community/security
- http://www.debian.org/security/2015/dsa-3241
- https://nvd.nist.gov/vuln/detail/CVE-2015-3337
classification:
cve-id: CVE-2015-3337
tags: cve,cve2015,elastic,lfi,elasticsearch,plugin
@ -29,3 +29,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/06/06