Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:35 a.m.13 views

CVE-2023-41044

Graylog is a free and open log management platform. A partial path traversal vulnerability exists in Graylog's Support Bundle feature. The vulnerability is caused by incorrect user input validation in an HTTP API resource. Graylog's Support Bundle feature allows an attacker with valid Admin role...

3.8CVSS6.5AI score0.00569EPSS
Exploits1References1
NVD
NVD
added 2023/08/31 6:15 p.m.59 views

CVE-2023-41044

Graylog is a free and open log management platform. A partial path traversal vulnerability exists in Graylog's Support Bundle feature. The vulnerability is caused by incorrect user input validation in an HTTP API resource. Graylog's Support Bundle feature allows an attacker with valid Admin role...

3.8CVSS3.7AI score0.00569EPSS
Exploits1References3
CVE
CVE
added 2023/08/31 5:10 p.m.100 views

CVE-2023-41044

Graylog exposes a partial path traversal vulnerability in its Support Bundle feature (requires valid Admin credentials). The issue stems from improper input validation in an HTTP API resource, allowing reading or deleting files under sibling directories of the support-bundle directory (data_dir d...

3.8CVSS3.6AI score0.00569EPSS
Exploits1References3Affected Software1
vulnersOsv
vulnersOsv
added 2023/07/06 8:53 p.m.7 views

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (=5.2.0), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=5.1.2) +3 more potentially affected by CVE-2023-41044 via org.graylog2:graylog2-server (>=5.1.0 <=5.1.2)

org.graylog2:graylog2-server MAVEN version =5.1.0, =5.1.0, =5.1.0, =5.1.13 Source cves: CVE-2023-41044 Source advisory: OSV:GHSA-2Q4P-F6GF-MQR5...

3.8CVSS5.8AI score0.00569EPSS
Exploits1
Rows per page
Query Builder