CVE-2015-4152

Name of the Vulnerable Software and Affected Versions Elasticsearch Logstash versions prior to 1.4.3

Description A directory traversal issue exists in the file output plugin, allowing remote attackers to write to arbitrary files through dynamic field references in the path option.

Recommendations For versions prior to 1.4.3, update to version 1.4.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the file output plugin to minimize the risk of exploitation.