Denial of Service Vulnerability in Logstash by Elastic
CVE-2016-10363

7.5HIGH

Key Information:

Vendor: Elastic
Status: Logstash
Vendor: CVE Published:; 16 June 2017

What is CVE-2016-10363?

A vulnerability exists in Logstash versions before 2.3.3, where the Netflow Codec plugin is susceptible to denial of service attacks. Malicious attackers can exploit this flaw by sending specially crafted Netflow v5, Netflow v9, or IPFIX packets, which the codec fails to handle correctly. As a result, the Logstash process may terminate unexpectedly, potentially disrupting services that rely on real-time data processing.

Affected Version(s)

Logstash before 2.3.3

References

https://www.elastic.co/community/security

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2017
Vulnerability Reserved
May 2, 2017