Elastic Logstash
By the Year
In 2023 there has been 1 vulnerability in Elastic Logstash with an average score of 5.5 out of ten. Logstash did not have any published security vulnerabilities last year. That is, 1 more vulnerability has already been reported in 2023 as compared to last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2023 | 1 | 5.50 |
2022 | 0 | 0.00 |
2021 | 1 | 3.70 |
2020 | 0 | 0.00 |
2019 | 2 | 8.65 |
2018 | 1 | 6.50 |
It may take a day or so for new Logstash vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Elastic Logstash Security Vulnerabilities
An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances
CVE-2023-46672
5.5 - Medium
- November 15, 2023
An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances. The prerequisites for the manifestation of this issue are: * Logstash is configured to log in JSON format (https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html), which is not the default logging format. * Sensitive data is stored in the Logstash keystore and referenced as a variable in Logstash configuration.
Insertion of Sensitive Information into Log File
In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0 a TLS certificate validation flaw was found in the monitoring feature
CVE-2021-22138
3.7 - Low
- May 13, 2021
In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0 a TLS certificate validation flaw was found in the monitoring feature. When specifying a trusted server CA certificate Logstash would not properly verify the certificate returned by the monitoring server. This could result in a man in the middle style attack against the Logstash monitoring data.
Improper Certificate Validation
Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin
CVE-2019-7620
7.5 - High
- October 30, 2019
Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port of the Logstash Beats input could send a specially crafted network packet that would cause Logstash to stop responding.
Improper Input Validation
A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs
CVE-2019-7612
9.8 - Critical
- March 25, 2019
A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.
Credentials Management Errors
When logging warnings regarding deprecated settings
CVE-2018-3817
6.5 - Medium
- March 30, 2018
When logging warnings regarding deprecated settings, Logstash before 5.6.6 and 6.x before 6.1.2 could inadvertently log sensitive information.
Information Disclosure