EUVD-2019-17153

Malware in sbrugna...

Security Bulletin: A Security Vulnerability affects IBM Cloud Private - Logstash (CVE-2019-7620)

Summary A security vulnerability affects IBM Cloud Private Vulnerability Details CVEID: CVE-2019-7620 DESCRIPTION: Elastic Logstash is vulnerable to a denial of service, caused by a flaw in the Beats input plugin. By sending a specially-crafted network packet, a remote attacker could exploit this...

Denial Of Service(DoS)

Logstash is vulnerable to denial of service DoS. When an unauthenticated user is using Beats input plugin with Logstash and is able to connect to the port the Logstash beats input, malicious network packets sent by user could result in nonresponsiveness...

CVE-2019-7620

Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop responding...

Design/Logic Flaw

Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop responding...

CVE-2019-7620

CVE-2019-7620 is a DoS in Elastic Logstash Beats input caused by processing specially crafted network packets. Affected releases include Logstash before 7.4.1 and 6.8.4. Remediation, where available in the connected docs, is to apply the security updates/fixes (e.g., Logstash patch versions 7.4.1...