logstash-core is vulnerable to information disclosure. The vulnerability is possible because it logs information from HTTP authorization headers which could contain sensitive information. Users who use secure communication from logstash to elasticsearch via basic authorization using elastic shield or other systems are affected.
CPE | Name | Operator | Version |
---|---|---|---|
logstash-core | le | 2.3.3 |