High severity7.5NVD Advisory· Published Aug 9, 2017· Updated May 13, 2026

CVE-2015-4165

Description

The snapshot API in Elasticsearch before 1.6.0 when another application exists on the system that can read Lucene files and execute code from them, is accessible by the attacker, and the Java VM on which Elasticsearch is running can write to a location that the other application can read and execute from, allows remote authenticated users to write to and create arbitrary snapshot metadata files, and potentially execute arbitrary code.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
org.elasticsearch:elasticsearchMaven	< 1.6.0	1.6.0

Affected products

Elasticsearch/Elasticsearch
cpe:2.3:a:elasticsearch:elasticsearch:1.5.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/132234/Elasticsearch-1.5.2-File-Creation.htmlnvdThird Party AdvisoryVDB EntryWEB
www.securityfocus.com/bid/75113nvdMitigationThird Party AdvisoryVDB Entry
bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
github.com/advisories/GHSA-fh5x-4j57-6q5xghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2015-4165ghsaADVISORY
www.elastic.co/community/security/nvdVendor Advisory
www.elastic.co/community/securityghsaWEB
www.securityfocus.com/archive/1/535727/100/0/threadednvd
www.securityfocus.com/archive/1/536855/100/0/threadednvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000