Moderate severityNVD Advisory· Published Aug 17, 2015· Updated Jun 17, 2026
CVE-2015-5531
CVE-2015-5531
Description
Directory traversal vulnerability in Elasticsearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.elasticsearch:elasticsearchMaven | < 1.6.1 | 1.6.1 |
Affected products
2Patches
Vulnerability mechanics
References
11- github.com/advisories/GHSA-jjq8-vfjq-j6v4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-5531ghsaADVISORY
- www.elastic.co/community/security/nvdVendor Advisory
- packetstormsecurity.com/files/132721/Elasticsearch-Directory-Traversal.htmlnvdWEB
- packetstormsecurity.com/files/133797/ElasticSearch-Path-Traversal-Arbitrary-File-Download.htmlnvdWEB
- packetstormsecurity.com/files/133964/ElasticSearch-Snapshot-API-Directory-Traversal.htmlnvdWEB
- www.elastic.co/community/securityghsaWEB
- www.exploit-db.com/exploits/38383ghsaWEB
- www.securityfocus.com/archive/1/536017/100/0/threadednvd
- www.securityfocus.com/bid/75935nvd
- www.exploit-db.com/exploits/38383/nvd
News mentions
0No linked articles in our index yet.