← volver
CVE-2019-7612

CVE-2019-7612

EPSS 2.4%CWE-209
A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.
Productos afectados
Elastic · Logstash

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077https://security.netapp.com/advisory/ntap-20190411-0002/https://www.elastic.co/community/security