Elastic Logstash 'CVE-2015-5378' Man in the Middle Security Bypass Vulnerability - Linux

Elastic Logstash is prone to a security bypass vulnerability. This VT has been deprecated and merged into the VT VT SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Elastic Logstash 'CVE-2015-5378' Man in the Middle Security Bypass Vulnerability

Elastic Logstash is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elastic:logstash";...

logstash -- SSL/TLS vulnerability with Lumberjack input

Elastic reports: Vulnerability Summary: All Logstash versions prior to 1.5.2 that use Lumberjack input in combination with Logstash Forwarder agent are vulnerable to a SSL/TLS security issue called the FREAK attack. This allows an attacker to intercept communication and access secure data. Users...

Logstash SSL/TLS FREAK Vulnerability CVE-2015-5378

Logstash 1.5.2 and prior versions are vulnerable to a SSL/TLS security issue called the FREAK attack. If you are using the Lumberjack input, FREAK allows an attacker to successfully implement a man in the middle attack, intercepting communication between the Logstash Forwarder agent and Logstash...

logstash-forwarder and logstash -- susceptibility to POODLE vulnerability

Elastic reports: The combination of Logstash Forwarder and Lumberjack input and output was vulnerable to the POODLE attack in SSLv3 protocol. We have disabled SSLv3 for this combination and set the minimum version to be TLSv1.0. We have added this vulnerability to our CVE page and are working on...