
[Vulnerability notice] Arbitrary file access vulnerability in Elasticsearch

Last Updated: May 07, 2018

Description

Elasticsearch is a Lucene-based search service and the second-most popular enterprise search engine.

Elasticsearch does not strictly filter request paths, which malicious users can exploit to access arbitrary files in a specific directory. For example, an attacker can use the URL http://localhost:9200/_plugin/head/../../../../../../../../../etc/passwd to access arbitrary files with certain tools. Note that directly accessing this address does not work.

Fix

Upgrade Elasticsearch to version 1.5.2 or later from the official website.
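The following Python is an added example for this notice, not code from the notice itself or from the Elasticsearch project. It covers both points above: it checks whether a reported Elasticsearch version predates the 1.5.2 fix, and it scans access-log lines for requests under `/_plugin/<name>/` whose decoded path walks above the plugin directory, as the example URL in the description does. The log format (Apache-style combined lines), the sample entries and the function names are all assumptions made for the example; the decoding step also catches percent-encoded and double-encoded `..` segments, which goes beyond the single literal URL the notice shows.

```python
import re
from posixpath import normpath
from urllib.parse import unquote

# First fixed release named in the notice.
FIXED_VERSION = (1, 5, 2)

# Assumed log format: Apache-style request lines, as a front-end proxy would write.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Constructed sample lines (not real traffic). Only the three 10.0.0.9 requests
# escape the plugin root; "css/../app.css" resolves inside it and is benign.
LOG_LINES = [
    '10.0.0.5 - - [07/May/2018:10:00:01 +0000] "GET /_plugin/head/index.html HTTP/1.1" 200 1234',
    '10.0.0.9 - - [07/May/2018:10:00:02 +0000] "GET /_plugin/head/../../../../../../../../../etc/passwd HTTP/1.1" 200 512',
    '10.0.0.9 - - [07/May/2018:10:00:03 +0000] "GET /_plugin/head/%2e%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 200 220',
    '10.0.0.9 - - [07/May/2018:10:00:04 +0000] "GET /_plugin/head/%252e%252e/%252e%252e/etc/hosts HTTP/1.1" 200 220',
    '10.0.0.7 - - [07/May/2018:10:00:05 +0000] "GET /_search?q=user:kimchy HTTP/1.1" 200 900',
    '10.0.0.7 - - [07/May/2018:10:00:06 +0000] "GET /_plugin/head/css/../app.css HTTP/1.1" 200 333',
]


def parse_version(text):
    """Turn '1.4.4' or '1.5.2-SNAPSHOT' into a comparable (major, minor, patch) tuple."""
    core = text.split("-")[0]
    parts = [int(p) for p in core.split(".") if p.isdigit()]
    return tuple(parts + [0] * (3 - len(parts)))


def is_vulnerable_version(text):
    """True when the reported version is older than the 1.5.2 fix."""
    return parse_version(text) < FIXED_VERSION


def fully_decode(path, rounds=3):
    """Undo repeated percent-encoding so %252e%252e and %2e%2e both become '..'."""
    for _ in range(rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def escapes_plugin_root(raw_path):
    """True if a request under /_plugin/<name>/ resolves outside that plugin's directory."""
    path = fully_decode(raw_path.split("?", 1)[0]).replace("\\", "/")
    m = re.match(r"^/_plugin/([^/]+)(/.*)?$", path)
    if not m:
        return False
    rest = (m.group(2) or "/").lstrip("/")
    # Normalise relative to the plugin root: normpath collapses "x/.." but keeps a
    # leading "..", so any remaining ".." means the request climbed above the root.
    resolved = normpath(rest)
    return resolved == ".." or resolved.startswith("../")


def find_traversal_attempts(lines):
    """Return (ip, path, status) for each log line whose plugin path escapes its root."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and escapes_plugin_root(m.group("path")):
            hits.append((m.group("ip"), m.group("path"), int(m.group("status"))))
    return hits


if __name__ == "__main__":
    for version in ("1.4.4", "1.5.2"):
        print(version, "vulnerable" if is_vulnerable_version(version) else "fixed")
    for ip, path, status in find_traversal_attempts(LOG_LINES):
        print(f"traversal attempt from {ip}: {path} (status {status})")
```

A 200 status on a flagged line is the detail worth alerting on, since it suggests the file was actually served; the same check can be run against the `version.number` field of the cluster info endpoint before deciding whether an upgrade is still outstanding.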
