CVE-2015-5531 — Vulnetix

Try Vulnetix Request Demo

CVE-2015-5531 REJECTED

Directory traversal vulnerability in Elasticsearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls.

EPSS 91.58% · 99.7th percentile

Risk Scores

EPSS Score

91.58%

99.7th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	elasticsearch	0, 1.6.2+dfsg-1, 1.7.3+dfsg-1

Timeline

Jul 16, 2015 CVE Published
Oct 2, 2015 PoC Published
May 29, 2018 PoC Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Aug 2, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2015-5531 third-party-advisory
https://www.elastic.co/blog/elasticsearch-1-7-0-and-1-6-1-released#security third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2015-5531 third-party-advisory

Open in Interactive Console →