HIGH🇵🇱 Wersja polska

CVE-2015-5378

CVSS 7.5v3.0pub. 2017-06-27upd. 2026-05-13

Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications between Logstash Forwarder agent and Logstash server.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Elastic Logstash

    APP
    Elastic
    1.4.01.4.11.4.2
  • Elasticsearch Logstash

    APP
    Elasticsearch
    1.4.31.5.01.5.11.5.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2019-7612CRITICAL9.8ten sam produkt

A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed...

CVE-2026-33466HIGH8.1ten sam produkt

Improper Limitation of a Pathname to a Restricted Directory (CWE-22) in Logstash can lead to arbitrary file wr...

CVE-2023-46672HIGH8.4ten sam produkt

An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific c...

CVE-2019-7620HIGH7.5ten sam produkt

Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. ...

CVE-2017-14730HIGH7.8ten sam produkt

The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has "chown -R...