This Metasploit module exploits a directory traversal vulnerability in ElasticSearch, allowing an attacker to read arbitrary files with JVM process privileges, through the Snapshot API.
9e9a04cf21f31c1319caa6af694dd744146d5b671a3f719be244d3e2a6ee6426
Proof of concept code that demonstrates a path traversal vulnerability in ElasticSearch that allows for arbitrary file disclosure.
acc7fbc1802f44f38d620e53cd9d14a6ea2c9e4d060e96de4e1424e40872e719
Elasticsearch versions from 1.0.0 to 1.6.0 are vulnerable to a directory traversal attack that allows an attacker to retrieve files that are readable by the Elasticsearch JVM process.
b31e33f0be2db96a5fdb079e65aaf1b8bd17143da9e03e617b58e897d6aa2937