All the vulnerabilites related to Elasticsearch - Packetbeat
jvndb-2017-009536
Vulnerability from jvndb
Published
2024-08-21 17:54
Modified
2024-08-21 17:54
Severity ?
Summary
Packetbeat vulnerable to denial-of-service (DoS)
Details
Packetbeat provided by Elastic contains a denial-of-service (DoS) vulnerability. Packetbeat provided by Elastic is a network packet analyzer. Packetbeat contains a flaw in processing the PostgreSQL handler (CWE-129) .
Impacted products
ElasticsearchPacketbeat
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-009536.html",
  "dc:date": "2024-08-21T17:54+09:00",
  "dcterms:issued": "2024-08-21T17:54+09:00",
  "dcterms:modified": "2024-08-21T17:54+09:00",
  "description": "Packetbeat provided by Elastic contains a denial-of-service (DoS) vulnerability.\r\n\r\nPacketbeat provided by Elastic is a network packet analyzer. Packetbeat contains a flaw in processing the PostgreSQL handler (CWE-129) .",
  "link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-009536.html",
  "sec:cpe": {
    "#text": "cpe:/a:elasticsearch:packetbeat",
    "@product": "Packetbeat",
    "@vendor": "Elasticsearch",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "5.0",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
      "@version": "2.0"
    },
    {
      "@score": "5.3",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2017-009536",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU94371484/index.html",
      "@id": "JVNVU#94371484",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11480",
      "@id": "CVE-2017-11480",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-11480",
      "@id": "CVE-2017-11480",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/129.html",
      "@id": "CWE-129",
      "@title": "Improper Validation of Array Index(CWE-129)"
    }
  ],
  "title": "Packetbeat vulnerable to denial-of-service (DoS)"
}

cve-2017-11480
Vulnerability from cvelistv5
Published
2017-12-08 18:00
Modified
2024-08-05 18:12
Severity ?
Summary
Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic.
References
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:39.898Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://discuss.elastic.co/t/beats-5-6-4-security-update/106739"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Packetbeat",
          "vendor": "Elastic",
          "versions": [
            {
              "status": "affected",
              "version": "before 5.6.4"
            }
          ]
        }
      ],
      "datePublic": "2017-11-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "CWE-404: Improper Resource Shutdown or Release",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-08T17:57:01",
        "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "shortName": "elastic"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://discuss.elastic.co/t/beats-5-6-4-security-update/106739"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@elastic.co",
          "ID": "CVE-2017-11480",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Packetbeat",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "before 5.6.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Elastic"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-404: Improper Resource Shutdown or Release"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://discuss.elastic.co/t/beats-5-6-4-security-update/106739",
              "refsource": "CONFIRM",
              "url": "https://discuss.elastic.co/t/beats-5-6-4-security-update/106739"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
    "assignerShortName": "elastic",
    "cveId": "CVE-2017-11480",
    "datePublished": "2017-12-08T18:00:00",
    "dateReserved": "2017-07-20T00:00:00",
    "dateUpdated": "2024-08-05T18:12:39.898Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}