Lucene search
Veracode Vulnerability DatabaseVERACODE:3654HistoryMar 14, 2017 - 2:06 a.m.
Information Disclosure Through Logs
2017-03-1402:06:18
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.001 Low
EPSS
Percentile
47.1%
logstash-core is vulnerable to information disclosure. The vulnerability is possible because it logs information from HTTP authorization headers which could contain sensitive information. Users who use secure communication from logstash to elasticsearch via basic authorization using elastic shield or other systems are affected.
| CPE | Name | Operator | Version |
|---|---|---|---|
| logstash-core | le | 2.3.3 |
Related
github
github
Logstash Logs Sensitive Information
2022-05-14 00:58:12
osv
osv
Logstash Logs Sensitive Information
2022-05-14 00:58:12
CVE-2016-1000221
2017-06-16 21:29:00
openvas
openvas
Elastic Logstash 'CVE-2016-1000221' Information Disclosure Vulnerability
2018-03-01 00:00:00
nvd
nvd
CVE-2016-1000221
2017-06-16 21:29:00
prion
prion
Authorization
2017-06-16 21:29:00
cvelist
cvelist
CVE-2016-1000221
2017-06-16 21:00:00
cve
cve
CVE-2016-1000221
2017-06-16 21:29:00