CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2024-24824 – graylog2-server vulnerable to instantiation of arbitrary classes triggered by API request
https://notcve.org/view.php?id=CVE-2024-24824
07 Feb 2024 — Graylog is a free and open log management platform. Starting in version 2.0.0 and prior to versions 5.1.11 and 5.2.4, arbitrary classes can be loaded and instantiated using a HTTP PUT request to the `/api/system/cluster_config/` endpoint. Graylog's cluster config system uses fully qualified class names as config keys. To validate the existence of the requested class before using them, Graylog loads the class using the class loader. If a user with the appropriate permissions performs the request, arbitrary c... • https://github.com/Graylog2/graylog2-server/blob/e458db8bf4f789d4d19f1b37f0263f910c8d036c/graylog2-server/src/main/java/org/graylog2/rest/resources/system/ClusterConfigResource.java#L208-L214 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1CVE-2023-41045 – Insecure source port usage for DNS queries in Graylog
https://notcve.org/view.php?id=CVE-2023-41045
31 Aug 2023 — Graylog is a free and open log management platform. Graylog makes use of only one single source port for DNS queries. Graylog binds a single socket for outgoing DNS queries and while that socket is bound to a random port number it is never changed again. This goes against recommended practice since 2008, when Dan Kaminsky discovered how easy is to carry out DNS cache poisoning attacks. In order to prevent cache poisoning with spoofed DNS responses, it is necessary to maximise the uncertainty in the choice o... • https://github.com/Graylog2/graylog2-server/commit/466af814523cffae9fbc7e77bab7472988f03c3e • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 3.1EPSS: 0%CPEs: 2EXPL: 1CVE-2023-41041 – User session is still usable after logout in graylog2-server
https://notcve.org/view.php?id=CVE-2023-41041
30 Aug 2023 — Graylog is a free and open log management platform. In a multi-node Graylog cluster, after a user has explicitly logged out, a user session may still be used for API requests until it has reached its original expiry time. Each node maintains an in-memory cache of user sessions. Upon a cache-miss, the session is loaded from the database. After that, the node operates solely on the cached session. • https://github.com/Graylog2/graylog2-server/commit/bb88f3d0b2b0351669ab32c60b595ab7242a3fe3 • CWE-613: Insufficient Session Expiration •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-37759
https://notcve.org/view.php?id=CVE-2021-37759
31 Jul 2021 — A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID). Un filtrado de ID de sesión en el archivo de registro DEBUG en Graylog versiones anteriores a 4.1.2 permite a atacantes escalar privilegios (al nivel de acceso del ID de sesión filtrado) • https://www.graylog.org/post/announcing-graylog-v4-1-2 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-37760
https://notcve.org/view.php?id=CVE-2021-37760
31 Jul 2021 — A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID). Un filtrado de ID de Sesión en el registro de auditoría en Graylog versiones anteriores a 4.1.2 permite a atacantes escalar privilegios (al nivel de acceso del ID de sesión filtrado) • https://www.graylog.org/post/announcing-graylog-v4-1-2 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15813
https://notcve.org/view.php?id=CVE-2020-15813
17 Jul 2020 — Graylog before 3.3.3 lacks SSL Certificate Validation for LDAP servers. It allows use of an external user/group database stored in LDAP. The connection configuration allows the usage of unencrypted, SSL- or TLS-secured connections. Unfortunately, the Graylog client code (in all versions that support LDAP) does not implement proper certificate validation (regardless of whether the "Allow self-signed certificates" option is used). Therefore, any attacker with the ability to intercept network traffic between a... • https://github.com/Graylog2/graylog2-server/issues/5906 • CWE-295: Improper Certificate Validation •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-14380
https://notcve.org/view.php?id=CVE-2018-14380
18 Jul 2018 — In Graylog before 2.4.6, XSS was possible in typeahead components, related to components/common/TypeAheadInput.jsx and components/search/QueryInput.ts. En Graylog, en versiones anteriores a la 2.4.6, Cross-Site Scripting (XSS) era posible en los componentes typeahead. Esto está relacionado con components/common/TypeAheadInput.jsx y components/search/QueryInput.ts. • https://github.com/ossf-cve-benchmark/CVE-2018-14380 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-11650
https://notcve.org/view.php?id=CVE-2018-11650
01 Jun 2018 — Graylog before v2.4.4 has an XSS security issue with unescaped text in notifications, related to toastr and util/UserNotification.js. Graylog en versiones anteriores a la v2.4.4 tiene un problema de seguridad de Cross-Site Scripting (XSS) con texto no escapado en las notificaciones. Esto está relacionado con toastr y util/UserNotification.js. • https://github.com/Graylog2/graylog2-server/pull/4727 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-11651
https://notcve.org/view.php?id=CVE-2018-11651
01 Jun 2018 — Graylog before v2.4.4 has an XSS security issue with unescaped text in dashboard names, related to components/dashboard/Dashboard.jsx, components/dashboard/EditDashboardModal.jsx, and pages/ShowDashboardPage.jsx. Graylog en versiones anteriores a la v2.4.4 tiene un problema de seguridad de Cross-Site Scripting (XSS) con texto no escapado en los nombres de los dashboards. Esto está relacionado con components/dashboard/Dashboard.jsx, components/dashboard/EditDashboardModal.jsx y pages/ShowDashboardPage.jsx. • https://github.com/Graylog2/graylog2-server/pull/4739 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •