Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elastic logstash vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-3817
When logging warnings regarding deprecated settings, Logstash prior to 5.6.6 and 6.x prior to 6.1.2 could inadvertently log sensitive information.
Elastic Logstash
6.1
CVSSv3
CVE-2018-3824
X-Pack Machine Learning versions prior to 6.2.4 and 5.6.9 had a cross-site scripting (XSS) vulnerability. If an attacker is able to inject data into an index that has a ML job running against it, then when another user views the results of the ML job it could allow the malicious ...
Elastic Elasticsearch X-pack
Elastic Kibana X-pack
Elastic Logstash X-pack
5.4
CVSSv3
CVE-2018-3823
X-Pack Machine Learning versions prior to 6.2.4 and 5.6.9 had a cross-site scripting (XSS) vulnerability. Users with manage_ml permissions could create jobs containing malicious data as part of their configuration that could allow the malicious user to obtain sensitive informatio...
Elastic Elasticsearch X-pack
Elastic Kibana X-pack
Elastic Logstash X-pack
9.8
CVSSv3
CVE-2019-7612
A sensitive data disclosure flaw was found in the way Logstash versions prior to 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.
Elastic Logstash
Netapp Active Iq Performance Analytics Services -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2