Elastic Logstash


By the Year

In 2023 there has been 1 vulnerability in Elastic Logstash, with an average score of 5.5 out of ten. Logstash did not have any published security vulnerabilities in 2022, so 1 more vulnerability has already been reported in 2023 than in the previous year.

Year Vulnerabilities Average Score
2023 1 5.50
2022 0 0.00
2021 1 3.70
2020 0 0.00
2019 2 8.65
2018 1 6.50

It may take a day or so for new Logstash vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Elastic Logstash Security Vulnerabilities

An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances

CVE-2023-46672 5.5 - Medium - November 15, 2023

An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances. The prerequisites for the manifestation of this issue are:
* Logstash is configured to log in JSON format (https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html), which is not the default logging format.
* Sensitive data is stored in the Logstash keystore and referenced as a variable in Logstash configuration.

Insertion of Sensitive Information into Log File
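Both preconditions above are visible in a deployment's own files: `log.format` in logstash.yml (or `--log.format` on the command line) and `${NAME}` variable references in the pipeline configuration. The following audit script is an added example, not code from Elastic or from this page; the logstash.yml, pipeline.conf and command-line arguments it scans are constructed inline, and it treats every `${NAME}` reference as a potential keystore reference because the configuration alone cannot distinguish keystore entries from environment variables.

```python
import re

# Constructed sample inputs; not taken from any real deployment.
SAMPLE_LOGSTASH_YML = """\
# logstash.yml (constructed)
node.name: ls-01
log.level: info
log.format: json
path.logs: /var/log/logstash
"""

SAMPLE_PIPELINE_CONF = """\
# pipeline.conf (constructed)
input { beats { port => 5044 } }
output {
  elasticsearch {
    hosts => ["https://es.internal:9200"]
    user => "logstash_writer"
    password => "${ES_PWD}"
  }
}
"""

# Logstash variable syntax: ${NAME} or ${NAME:default}. Values are resolved from the
# keystore or from environment variables; this audit flags every reference as a candidate.
VARIABLE_REF = re.compile(r"\$\{([A-Za-z_][A-Za-z0-9_]*)(?::[^}]*)?\}")


def settings_from_yml(text):
    """Minimal parser for the flat `key: value` lines logstash.yml normally uses.
    Avoids a YAML dependency on purpose; nested YAML and values containing '#'
    are out of scope for this audit."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or ":" not in line:
            continue
        key, _, value = line.partition(":")
        settings[key.strip()] = value.strip().strip("\"'")
    return settings


def log_format(settings, cli_args=()):
    """Effective log format. A --log.format argument on the command line overrides
    logstash.yml; when neither sets it, Logstash logs in plain text."""
    fmt = settings.get("log.format", "plain")
    args = list(cli_args)
    for i, arg in enumerate(args):
        if arg == "--log.format" and i + 1 < len(args):
            fmt = args[i + 1]
        elif arg.startswith("--log.format="):
            fmt = arg.split("=", 1)[1]
    return fmt.strip().lower()


def variable_references(pipeline_text):
    """Sorted, de-duplicated list of ${NAME} references in a pipeline configuration."""
    return sorted({m.group(1) for m in VARIABLE_REF.finditer(pipeline_text)})


def assess(yml_text, pipeline_text, cli_args=()):
    """Report whether both preconditions for CVE-2023-46672 hold for this configuration."""
    fmt = log_format(settings_from_yml(yml_text), cli_args)
    refs = variable_references(pipeline_text)
    return {
        "log_format": fmt,
        "variable_refs": refs,
        "preconditions_met": fmt == "json" and bool(refs),
    }


if __name__ == "__main__":
    report = assess(SAMPLE_LOGSTASH_YML, SAMPLE_PIPELINE_CONF, ["--path.settings", "/etc/logstash"])
    print(report)
```

Run it against the real files: read logstash.yml and every pipeline file, and pass the process's actual arguments (for example from `ps` or the systemd unit), since `--log.format json` on the command line enables JSON logging even when logstash.yml says nothing. A `preconditions_met` of True means the logs written by an unpatched version should be treated as if they may contain the referenced secrets.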

In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0 a TLS certificate validation flaw was found in the monitoring feature

CVE-2021-22138 3.7 - Low - May 13, 2021

In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0 a TLS certificate validation flaw was found in the monitoring feature. When specifying a trusted server CA certificate, Logstash would not properly verify the certificate returned by the monitoring server. This could result in a man-in-the-middle attack against the Logstash monitoring data.

Improper Certificate Validation

Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin

CVE-2019-7620 7.5 - High - October 30, 2019

Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash Beats input listens on could send a specially crafted network packet that would cause Logstash to stop responding.

Improper Input Validation

A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs

CVE-2019-7612 9.8 - Critical - March 25, 2019

A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.

Credentials Management Errors

When logging warnings regarding deprecated settings

CVE-2018-3817 6.5 - Medium - March 30, 2018

When logging warnings regarding deprecated settings, Logstash before 5.6.6 and 6.x before 6.1.2 could inadvertently log sensitive information.

Information Disclosure
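CVE-2019-7612 and CVE-2018-3817 above share a failure mode: an error or warning path writes a configuration value to the log without scrubbing it, and in the malformed-URL case a URL parser cannot even be relied on to isolate the credentials first. The scanner and redactor below are an added example, not code from Elastic or from this page; the Logstash-style log lines are constructed, and the regexes are assumptions about what leaked credentials look like rather than patterns taken from the advisories.

```python
import re
from urllib.parse import urlsplit

# Constructed Logstash-style log lines; the hosts, users and secrets are made up.
SAMPLE_LOG_LINES = [
    "[2019-03-25T10:00:00,000][ERROR][logstash.outputs.elasticsearch] Invalid URL: http://elastic:hunter2@[es-01:9200",
    "[2018-03-30T10:00:00,000][WARN ][logstash.runner] Deprecated setting http.password=s3cr3t will be removed",
    "[2019-03-25T10:00:01,000][INFO ][logstash.agent] Pipelines running {:count=>1}",
]

# user:password@ after a scheme. Matched with a regex on purpose: it still fires on a
# URL that a strict parser rejects, which is exactly the malformed-URL case.
USERINFO = re.compile(
    r"(?P<prefix>[A-Za-z][A-Za-z0-9+.-]*://)(?P<user>[^\s/@:]+):(?P<pw>[^\s/@]*)@"
)

# Secret-looking settings in free text: password=..., secret => "...", token: ...
SETTING_SECRET = re.compile(
    r"(?i)\b(?P<key>password|passwd|secret|token)(?P<sep>\s*(?:=>|=|:)\s*\"?)(?P<value>[^\s\"]+)"
)


def strict_parse_fails(url):
    """True when urllib refuses the URL, i.e. a parse-then-redact approach would never
    get a chance to strip the credentials before the error is logged."""
    try:
        urlsplit(url)
        return False
    except ValueError:
        return True


def redact_secrets(text):
    """Scrub URL credentials and secret-looking settings from text before logging it.
    Works on arbitrary text, so it is safe to apply to a whole error message."""
    text = USERINFO.sub(lambda m: f"{m.group('prefix')}{m.group('user')}:***@", text)
    return SETTING_SECRET.sub(lambda m: f"{m.group('key')}{m.group('sep')}***", text)


def find_leaked_credentials(log_lines):
    """Scan already-written log lines; returns (line_number, kind, name) per finding."""
    hits = []
    for n, line in enumerate(log_lines, start=1):
        for m in USERINFO.finditer(line):
            if m.group("pw"):
                hits.append((n, "url", m.group("user")))
        for m in SETTING_SECRET.finditer(line):
            hits.append((n, "setting", m.group("key").lower()))
    return hits


if __name__ == "__main__":
    bad_url = "http://elastic:hunter2@[es-01:9200"
    print("urlsplit rejects the malformed URL:", strict_parse_fails(bad_url))
    for hit in find_leaked_credentials(SAMPLE_LOG_LINES):
        print("leak:", hit)
    for line in SAMPLE_LOG_LINES:
        print(redact_secrets(line))
```

The point of `strict_parse_fails` is the order of operations: a logging path that tries to parse the URL and then redact the userinfo never reaches the redaction step when parsing raises, so the raw string ends up in the error message. Redacting on the raw text first, as `redact_secrets` does, removes that dependency. The scanner is for the other direction: once a leak like these has been fixed in Logstash, existing log files still need to be checked and the exposed credentials rotated.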
