CVE-2017-10906
fluentd: Escape sequence injection in filter_parser.rb:filter_stream can lead to arbitrary command execution when processing logs
Public Exploits: 0
Exploited in Wild: -
Descriptions
Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.
Fluentd is an open source data collector designed to scale and simplify log management. It can collect, process and ship many kinds of data in near real-time. Issues addressed include an escape sequence injection vulnerability that allows for arbitrary code execution.
SSVC
- Decision:-
Timeline
- 2017-07-04 CVE Reserved
- 2017-12-08 CVE Published
- 2024-08-05 CVE Updated
- 2025-03-30 EPSS Updated
CWE
- CWE-138: Improper Neutralization of Special Elements
References (6)
URL | Tag |
---|---|
https://github.com/fluent/fluentd/blob/v0.12/CHANGELOG.md#bug-fixes | Issue Tracking |
https://jvn.jp/en/vu/JVNVU95124098/index.html | Issue Tracking |

URL | Date |
---|---|
https://github.com/fluent/fluentd/pull/1733 | 2021-08-04 |
https://access.redhat.com/errata/RHSA-2018:2225 | 2021-08-04 |
https://access.redhat.com/security/cve/CVE-2017-10906 | 2018-07-19 |
https://bugzilla.redhat.com/show_bug.cgi?id=1524783 | 2018-07-19 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Fluentd | Fluentd | 0.12.29 | - | Affected |
Fluentd | Fluentd | 0.12.30 | - | Affected |
Fluentd | Fluentd | 0.12.31 | - | Affected |
Fluentd | Fluentd | 0.12.32 | - | Affected |
Fluentd | Fluentd | 0.12.33 | - | Affected |
Fluentd | Fluentd | 0.12.34 | - | Affected |
Fluentd | Fluentd | 0.12.35 | - | Affected |
Fluentd | Fluentd | 0.12.36 | - | Affected |
Fluentd | Fluentd | 0.12.37 | - | Affected |
Fluentd | Fluentd | 0.12.38 | - | Affected |
Fluentd | Fluentd | 0.12.39 | - | Affected |
Fluentd | Fluentd | 0.12.40 | - | Affected |
Redhat | Openstack | 13 | - | Affected |