Logstash ESA-2015-04

Medium Nessus Plugin ID 119460


The remote web server hosts a Java application that is vulnerable.


All Logstash versions prior to 1.4.3 that use the file output plugin are vulnerable to a directory traversal attack that allows an attacker to write files as the Logstash user.


Users should upgrade to 1.4.3 or 1.5.0. Users that do not want to upgrade can address the vulnerability by disabling the file output plugin.


Plugin Details

Severity: Medium

ID: 119460

File Name: logstash_esa_2015_04.nasl

Version: 1.1

Type: remote

Family: CGI abuses

Published: 2018/12/06

Updated: 2018/12/06

Dependencies: 109943

Risk Information

Risk Factor: Medium

CVSS Score Source: CVE-2015-4152

CVSS v2.0

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

CVSS v3.0

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Vulnerability Information

CPE: cpe:/a:elasticsearch:logstash

Required KB Items: installed_sw/Logstash

Patch Publication Date: 2015/06/09

Vulnerability Publication Date: 2015/06/09

Reference Information

CVE: CVE-2015-4152