Lucene search
HistoryJul 22, 2014 - 2:55 p.m.
CVE-2014-4326
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.3%
Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/.
Affected configurations
Node
elasticlogstashMatch1.0.14
ORelasticlogstashMatch1.0.15
ORelasticlogstashMatch1.0.16
ORelasticlogstashMatch1.0.17
ORelasticlogstashMatch1.1.0
ORelasticlogstashMatch1.1.0.1
ORelasticlogstashMatch1.1.1
ORelasticlogstashMatch1.1.2
ORelasticlogstashMatch1.1.3
ORelasticlogstashMatch1.1.4
ORelasticlogstashMatch1.1.5
ORelasticlogstashMatch1.1.6
ORelasticlogstashMatch1.1.7
ORelasticlogstashMatch1.1.8
ORelasticlogstashMatch1.1.9
ORelasticlogstashMatch1.1.10
ORelasticlogstashMatch1.1.11
ORelasticlogstashMatch1.1.12
ORelasticlogstashMatch1.1.13
ORelasticlogstashMatch1.2.1
ORelasticlogstashMatch1.2.2
ORelasticlogstashMatch1.3.0
ORelasticlogstashMatch1.3.1
ORelasticlogstashMatch1.3.2
ORelasticlogstashMatch1.3.3
ORelasticlogstashMatch1.4.0
ORelasticlogstashMatch1.4.1
Related
cve
cve
CVE-2014-4326
2014-07-22 14:55:09
nessus
nessus
Logstash ESA-2014-02
2018-12-06 00:00:00
freebsd
freebsd
securityvulns
securityvulns
openvas
openvas
Elastic Logstash 'CVE-2014-4326' RCE Vulnerability - Linux
2016-06-28 00:00:00
Elastic Logstash 'CVE-2014-4326' RCE Vulnerability
2016-06-24 00:00:00
prion
prion
Design/Logic Flaw
2014-07-22 14:55:00
cvelist
cvelist
CVE-2014-4326
2014-07-22 14:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.3%
Related for NVD:CVE-2014-4326