CVE-2016-10363
N/A
N/A
Summary
Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and can cause the Logstash process to exit.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Elastic | Logstash | before 2.3.3 | affected |
Weaknesses
- CWE-248: CWE-248: Uncaught Exception
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.