Description
Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads. Fluentd setups are only affected if the environment variable FLUENT_OJ_OPTION_MODE is explicitly set to object. Please note: the option FLUENT_OJ_OPTION_MODE was introduced in Fluentd version 1.13.2, so earlier versions of Fluentd are not affected by this vulnerability. This issue was patched in version 1.15.3. As a workaround, do not use FLUENT_OJ_OPTION_MODE=object.
A remote code execution (RCE) vulnerability was found in non-default configurations of Fluentd. This issue allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads.
Statement
Fluentd setups are only affected if the environment variable FLUENT_OJ_OPTION_MODE is explicitly set to object, which is a non-default configuration. Hence, this CVE is rated as Moderate impact.
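The affected set described above (Fluentd 1.13.2 or later but earlier than 1.15.3, with FLUENT_OJ_OPTION_MODE set to object) can be checked mechanically. The following POSIX shell snippet is an added example, not code from the advisory or from the Fluentd project: `fluentd_affected` evaluates a version/mode pair against the conditions stated above, and `check_running_fluentd` reads the mode from the environment of a running fluentd process on Linux (via /proc) and the version from `fluentd --version`, whose "fluentd X.Y.Z" output format is assumed here.

```shell
#!/bin/sh
# Added example (not from the advisory or the Fluentd project): decide whether a
# Fluentd version plus FLUENT_OJ_OPTION_MODE value falls into the affected range
# (1.13.2 <= version < 1.15.3 and mode == "object").

# Compare two dotted versions: prints -1, 0 or 1 for a < b, a == b, a > b.
vercmp() {
  printf '%s\n%s\n' "$1" "$2" | awk -F. '
    NR == 1 { for (i = 1; i <= NF; i++) a[i] = $i; na = NF }
    NR == 2 { for (i = 1; i <= NF; i++) b[i] = $i; nb = NF }
    END {
      n = (na > nb) ? na : nb
      for (i = 1; i <= n; i++) {
        x = (i in a) ? a[i] + 0 : 0   # missing components count as 0
        y = (i in b) ? b[i] + 0 : 0
        if (x < y) { print "-1"; exit }
        if (x > y) { print "1"; exit }
      }
      print "0"
    }'
}

# fluentd_affected VERSION MODE
# Prints a verdict; returns 0 when the pair is affected, 1 otherwise.
fluentd_affected() {
  version=$1
  mode=$2
  if [ "$mode" != "object" ]; then
    echo "not-affected: FLUENT_OJ_OPTION_MODE is not 'object'"; return 1
  fi
  if [ "$(vercmp "$version" 1.13.2)" -lt 0 ]; then
    echo "not-affected: option only exists from 1.13.2"; return 1
  fi
  if [ "$(vercmp "$version" 1.15.3)" -ge 0 ]; then
    echo "not-affected: fixed in 1.15.3"; return 1
  fi
  echo "AFFECTED: fluentd $version with FLUENT_OJ_OPTION_MODE=object"
  return 0
}

# Inspect this host: take the mode from the environment of the oldest fluentd
# process (Linux /proc, assumed readable), else from the current shell; take the
# version from "fluentd --version" (assumed to print "fluentd X.Y.Z").
check_running_fluentd() {
  pid=$(pgrep -o -f fluentd 2>/dev/null)
  if [ -n "$pid" ] && [ -r "/proc/$pid/environ" ]; then
    mode=$(tr '\0' '\n' < "/proc/$pid/environ" | sed -n 's/^FLUENT_OJ_OPTION_MODE=//p')
  else
    mode=${FLUENT_OJ_OPTION_MODE:-}
  fi
  version=$(fluentd --version 2>/dev/null | awk '{print $2}')
  if [ -z "$version" ]; then
    echo "unknown: could not determine fluentd version"; return 2
  fi
  fluentd_affected "$version" "$mode"
}
```

Source the file and run `check_running_fluentd` on a host, or call `fluentd_affected 1.15.2 object` directly to evaluate values collected elsewhere (for example from a container's environment or a systemd unit). The exit status makes it usable in a fleet-wide audit loop.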
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Logging Subsystem for Red Hat OpenShift | openshift-logging/fluentd-rhel8 | Not affected | | |
| Red Hat OpenShift Container Platform 3.11 | fluentd | Out of support scope | | |
| Red Hat OpenShift Container Platform 3.11 | openshift3/logging-fluentd | Out of support scope | | |
| Red Hat OpenShift Container Platform 3.11 | openshift3/ose-logging-fluentd | Out of support scope | | |
| Red Hat OpenStack Platform 13 (Queens) | puppet-fluentd | Out of support scope | | |
| Red Hat OpenStack Platform 13 (Queens) | rhosp13/openstack-fluentd | Out of support scope | | |
Additional information
Status:
EPSS:
CVSS3: 8.1 High
Related vulnerabilities
- Fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration)
- fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration) (CVSS3: 8.1 High)