logstash-forwarder and logstash -- susceptibility to POODLE vulnerability

2015-06-09T00:00:00
ID AD4D3871-1A0D-11E5-B43D-002590263BF5
Type freebsd
Reporter FreeBSD
Modified 2015-06-24T00:00:00

Description

Elastic reports:

The combination of Logstash Forwarder and Lumberjack input (and output) was vulnerable to the POODLE attack in the SSLv3 protocol. We have disabled SSLv3 for this combination and set the minimum version to be TLSv1.0. We have added this vulnerability to our CVE page and are working on filling out the CVE. Thanks to Tray Torrance, Marc Chadwick, and David Arena for reporting this.

SSLv3 is no longer supported; TLS 1.0+ is required (compatible with Logstash 1.4.2+).
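
One way to confirm from captured traffic that a Lumberjack connection negotiated at least TLS 1.0: read the version the server selected in its ServerHello. This is an added example, not code from Elastic or from this advisory; the function names and the sample bytes are constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

const (
	versionSSL30 = 0x0300 // SSLv3, the protocol affected by POODLE
	versionTLS10 = 0x0301 // minimum version named in the advisory
)

var errNotServerHello = errors.New("record is not a ServerHello")

// serverHelloVersion reads the version the server selected from the start of
// a captured server reply: 5-byte record header, 4-byte handshake header,
// then the 2-byte server_version field.
func serverHelloVersion(rec []byte) (uint16, error) {
	if len(rec) < 11 {
		return 0, errors.New("capture too short")
	}
	// content type 22 = handshake, handshake type 2 = ServerHello
	if rec[0] != 22 || rec[5] != 2 {
		return 0, errNotServerHello
	}
	return uint16(rec[9])<<8 | uint16(rec[10]), nil
}

// meetsMinimum reports whether the server selected TLS 1.0 or later.
func meetsMinimum(rec []byte) (bool, error) {
	v, err := serverHelloVersion(rec)
	return err == nil && v >= versionTLS10, err
}

// sampleReply builds the first 11 bytes of a ServerHello record (constructed
// sample data, not a real capture).
func sampleReply(version uint16) []byte {
	hi, lo := byte(version>>8), byte(version)
	return []byte{22, hi, lo, 0x00, 0x4a, 2, 0x00, 0x00, 0x46, hi, lo}
}

func main() {
	for _, v := range []uint16{versionSSL30, versionTLS10, 0x0303} {
		ok, err := meetsMinimum(sampleReply(v))
		fmt.Printf("server_version=0x%04x meets minimum=%v err=%v\n", v, ok, err)
	}
}
```

A reply that is a TLS alert rather than a ServerHello returns `errNotServerHello`, which is what a server refusing the offered protocol version sends instead of completing the handshake.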