CPE-7CDD8A71-A9EA-401E-B0B8-F95A9DB66982 Detail

CPE Details

Elastic Logstash 1.4.2

Vendor

elastic

Product

logstash

Version

1.4.2

Created

2019-06-17
13h42 +00:00

Modified

2019-06-17
13h42 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:elastic:logstash:1.4.2:::::::*

Informations

Vendor

elastic

Product

logstash

Version

1.4.2

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2019-7612	2019-03-25 17h34 +00:00	A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.	9.8	Critical
CVE-2018-3817	2018-03-30 18h00 +00:00	When logging warnings regarding deprecated settings, Logstash before 5.6.6 and 6.x before 6.1.2 could inadvertently log sensitive information.	6.5	Medium
CVE-2015-5619	2017-08-09 14h00 +00:00	Logstash 1.4.x before 1.4.5 and 1.5.x before 1.5.4 with Lumberjack output or the Logstash forwarder does not validate SSL/TLS certificates from the Logstash server, which might allow attackers to obtain sensitive information via a man-in-the-middle attack.	5.9	Medium
CVE-2015-5378	2017-06-27 18h00 +00:00	Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications between Logstash Forwarder agent and Logstash server.	7.5	High
CVE-2016-1000221	2017-06-16 19h00 +00:00	Logstash prior to version 2.3.4, Elasticsearch Output plugin would log to file HTTP authorization headers which could contain sensitive information.	7.5	High
CVE-2016-1000222	2017-06-16 19h00 +00:00	Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will create malicious formulas in the CSV data.	7.5	High
CVE-2016-10363	2017-06-16 19h00 +00:00	Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and can cause the Logstash process to exit.	7.5	High
CVE-2015-4152	2015-06-15 13h00 +00:00	Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option.	6.4

Elastic Logstash 1.4.2

CPE Details

CPE Name: cpe:2.3:a:elastic:logstash:1.4.2:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:elastic:logstash:1.4.2:::::::*