CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10363
https://notcve.org/view.php?id=CVE-2016-10363
Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and can cause the Logstash process to exit. Logstash en versiones anteriores a la 2.3.3, cuando se usa el plugin Netflow Codec plugin, un atacante remoto modificando maliciosamente Netflow v5, Netflow v9 o paquetes IPFIX podría realizar un ataque de denegación de servicio en la instancia Logstash. Los errores resultantes de esa entrada modifica no son majedos por el codec y pueden provocar la salida del proceso de Logstash • https://www.elastic.co/community/security • CWE-248: Uncaught Exception CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4152
https://notcve.org/view.php?id=CVE-2015-4152
Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option. Vulnerabilidad de salto de directorio en el plugin file output en Elasticsearch Logstash anterior a 1.4.3 permite a atacantes remotos escribir en ficheros arbitrarios a través de vectores relacionados con referencia a campos dinámicos en la opción de rutas. • http://packetstormsecurity.com/files/132233/Logstash-1.4.2-Directory-Traversal.html http://www.securityfocus.com/archive/1/535725/100/0/threaded https://www.elastic.co/blog/logstash-1-4-3-released https://www.elastic.co/community/security • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 0CVE-2014-4326
https://notcve.org/view.php?id=CVE-2014-4326
Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/. Elasticsearch Logstash 1.0.14 hasta 1.4.x anterior a 1.4.2 permite a atacantes remotos ejecutar comandos arbitrarios a través de un evento manipulado en (1) zabbix.rb o (2) nagios_nsca.rb en outputs/. • http://www.elasticsearch.org/blog/logstash-1-4-2 http://www.securityfocus.com/archive/1/532841/100/0/threaded https://www.elastic.co/community/security • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •