Back to search
CVE-2016-10363
Published: Jun 16, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and can cause the Logstash process to exit.
| Vendor | Product | Versions |
|---|---|---|
Elastic | Logstash | affected before 2.3.3 |
Weaknesses (CWE)
References
https://www.elastic.co/community/security
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now