CVSS: 4.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-7016
https://notcve.org/view.php?id=CVE-2020-7016
27 Jul 2020 — Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana user can lead to the Kibana process consuming large amounts of CPU and becoming unresponsive. En Kibana versiones anteriores a 6.8.11 y 7.8.1, contiene un fallo de denegación de servicio (DoS) en Timelion. Un atacante puede construir una URL que, cuando es visualizada por un usuario de Kibana, puede conllevar al proceso de Kibana a consumir grandes cantidad... • https://discuss.elastic.co/t/elastic-stack-6-8-11-and-7-8-1-security-update/242786 • CWE-185: Incorrect Regular Expression CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.7EPSS: 0%CPEs: 5EXPL: 0CVE-2020-7017
https://notcve.org/view.php?id=CVE-2020-7017
27 Jul 2020 — In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map visualization. En Kibana versiones anteriores a 6.8.11 y 7.8.1, la visualización del mapa de región contiene un fallo de tipo XSS almacenado. Un atacante que es capaz de editar o crear una visualización de mapa de región pod... • https://discuss.elastic.co/t/elastic-stack-6-8-11-and-7-8-1-security-update/242786 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11480
https://notcve.org/view.php?id=CVE-2017-11480
08 Dec 2017 — Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic. Las versiones anteriores a la 5.6.4 de Packetbeat se han visto afectadas por un fallo de denegación de servicio en el manipulador del protocolo PostgreSQL. Si Packetbeat está escuchando el... • https://discuss.elastic.co/t/beats-5-6-4-security-update/106739 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.1EPSS: 0%CPEs: 22EXPL: 0CVE-2017-11479
https://notcve.org/view.php?id=CVE-2017-11479
28 Sep 2017 — Kibana versions prior to 5.6.1 had a cross-site scripting (XSS) vulnerability in Timelion that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. Las versiones anteriores a la 5.6.1 de Kibana presentan una vulnerabilidad de tipo Cross-Site Scripting (XSS) en Timelion que podría permitir a un atacante obtener información sensible o realizar acciones destructivas en nombre de otros usuarios de Kibana. • http://www.openwall.com/lists/oss-security/2019/10/24/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2017-8444
https://notcve.org/view.php?id=CVE-2017-8444
28 Sep 2017 — The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt traffic to ZooKeeper. If an attacker is able to man in the middle (MITM) the traffic between the client-forwarder and ZooKeeper they could potentially obtain sensitive data. client-forwarder en las versiones de Elastic Cloud Enterprise anteriores a 1.0.2 no cifra el tráfico a ZooKeeper. Si un atacante puede realizar un ataque Man-in-the-Middle (MitM) en el tráfico entre client-forwarder y ZooKeeper, podría obten... • https://discuss.elastic.co/t/elastic-cloud-enterprise-1-0-2-security-update/100247 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2017-14730
https://notcve.org/view.php?id=CVE-2017-14730
25 Sep 2017 — The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has "chown -R" calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to a $LS_USER account for creation of a hard link. El script init en el paquete app-admin/logstash-bin de Gentoo en versiones anteriores a la 5.5.3 y las versiones 5.6.x anteriores a la 5.6.1 tiene llamadas "chown -R" para árboles de directorio escribibles por los usuarios, lo que permite que ... • https://bugs.gentoo.org/628558 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-8446
https://notcve.org/view.php?id=CVE-2017-8446
18 Aug 2017 — The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions versions prior to 2.4.6 had an impersonation vulnerability. A user with the reporting_user role could execute a report with the permissions of another reporting user, possibly gaining access to sensitive data. La característica Reporting en X-Pack en versiones anteriores a la 5.5.2 y el plugin independiente Reporting en versiones anteriores a la 2.4.6 presentaba una vulnerabilidad de suplantación. Un usuario ... • https://www.elastic.co/community/security • CWE-269: Improper Privilege Management CWE-522: Insufficiently Protected Credentials •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10362
https://notcve.org/view.php?id=CVE-2016-10362
16 Jun 2017 — Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials. Anteriores a la versión 5.0.1 de Logstash, el plugin Elasticsearch Output cuando actualiza las conexiones después de escucharlas, logaría al archivo HTTP las credenciales básicas. • http://www.securityfocus.com/bid/99154 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.9EPSS: 0%CPEs: 9EXPL: 0CVE-2015-5619 – Logstash 1.5.3 Man-In-The-Middle
https://notcve.org/view.php?id=CVE-2015-5619
23 Aug 2015 — Logstash 1.4.x before 1.4.5 and 1.5.x before 1.5.4 with Lumberjack output or the Logstash forwarder does not validate SSL/TLS certificates from the Logstash server, which might allow attackers to obtain sensitive information via a man-in-the-middle attack. Logstash en versiones 1.4.x anteriores a la 1.4.5 y en versiones 1.5.x anteriores a la 1.5.4 con salida Lumberjack o el redireccionador Logstash no valida certificados SSL/TLS desde el servidor Logstash, lo que podría permitir que atacantes obtuviesen inf... • http://packetstormsecurity.com/files/133269/Logstash-1.5.3-Man-In-The-Middle.html • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2015-5378 – Logstash 1.5.2 SSL/TLS FREAK
https://notcve.org/view.php?id=CVE-2015-5378
21 Jul 2015 — Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications between Logstash Forwarder agent and Logstash server. Logstash 1.5.x versiones anteriores a 1.5.3 y 1.4.x anteriores a 1.4.4 permite a atacantes remotos leer las comunicaciones entre el agente Logstash Forwarder y el servidor Logstash. Logstash 1.5.2 and prior versions are vulnerable to a SSL/TLS security issue called the FREAK attack. If you are using the Lumberjack input, FREAK allows an attacker to successfu... • http://packetstormsecurity.com/files/132800/Logstash-1.5.2-SSL-TLS-FREAK.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •