Описание
Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.6.4 (исключая)
cpe:2.3:a:elasticsearch:packetbeat:*:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.0054
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-404
NVD-CWE-noinfo
Связанные уязвимости
EPSS
Процентиль: 67%
0.0054
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-404
NVD-CWE-noinfo