
CVE-2017-14730
https://notcve.org/view.php?id=CVE-2017-14730
25 Sep 2017 — The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has "chown -R" calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to a $LS_USER account for creation of a hard link. • https://bugs.gentoo.org/628558 • CWE-732: Incorrect Permission Assignment for Critical Resource

CVE-2015-5619 – Logstash 1.5.3 Man-In-The-Middle
https://notcve.org/view.php?id=CVE-2015-5619
23 Aug 2015 — Logstash 1.4.x before 1.4.5 and 1.5.x before 1.5.4 with Lumberjack output or the Logstash forwarder does not validate SSL/TLS certificates from the Logstash server, which might allow attackers to obtain sensitive information via a man-in-the-middle attack. • http://packetstormsecurity.com/files/133269/Logstash-1.5.3-Man-In-The-Middle.html • CWE-295: Improper Certificate Validation

CVE-2015-5378 – Logstash 1.5.2 SSL/TLS FREAK
https://notcve.org/view.php?id=CVE-2015-5378
21 Jul 2015 — Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications between Logstash Forwarder agent and Logstash server. Logstash 1.5.2 and prior versions are vulnerable to an SSL/TLS security issue called the FREAK attack. If you are using the Lumberjack input, FREAK allows an attacker to successfu... • http://packetstormsecurity.com/files/132800/Logstash-1.5.2-SSL-TLS-FREAK.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor