A sensitive data disclosure flaw was found in the way Logstash versions prior to 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
elastic logstash |
||
netapp active iq performance analytics services - |