← voltar
CVE-2019-7612

CVE-2019-7612

EPSS 2.4%CWE-209
A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.
Produtos afetados
Elastic · Logstash

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077https://security.netapp.com/advisory/ntap-20190411-0002/https://www.elastic.co/community/security