CVE-2016-10362

Опубликовано: 16 июн. 2017

Источник: debian

Описание

Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials.

Пакет	Статус	Версия исправления	Релиз	Тип
logstash	itp			package

CVE-2016-10362

CVSS3: 6.5

nvd

больше 8 лет назад

Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials.

GHSA-3gg4-6hqg-2vjx

CVSS3: 6.5

github

больше 3 лет назад

Logstash Logs Sensitive Information