CVE-2014-4326
Published Jul 22, 2014
Last updated 5 years ago
Overview
- Description
- Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-78
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:elastic:logstash:1.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "635C7A3E-37E2-4901-BB29-2D43C56B9D38"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.0.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63BCE347-638C-4374-9BE4-BB4571E1F280"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.0.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B660651F-A164-4452-A5A9-6C2877326200"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.0.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1914E7D5-1A0B-4037-A891-140F796A413F"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C43285FF-C8B2-4840-81AE-97FADD29E685"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B67C3E50-BB45-441C-8211-59A9F4EB30FB"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C509C138-4BFE-48FD-8C38-01677169EAF7"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64B6CF56-F9F3-4F99-B1D5-19C983BFBD38"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E451EF3A-8252-4059-AEBD-729809062C24"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55F7ADDD-CC56-4238-A06E-FE1F69EBAC9C"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46956776-CE67-4145-BB97-3B8C592AC946"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95155F96-6513-4F43-B0CF-52FFDCE0357B"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC8B63F3-833C-46E5-A914-607A3A766AFE"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B9CAB34-C258-4057-B042-5DE75935E619"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DA006C7-CFF5-490F-8BAE-1DACA4765A7E"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BFABA59-F78A-400A-8274-C65344598570"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E50991FB-E4A2-4EED-8A82-8E07B96EFF5D"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "27B82689-08A5-4579-9F59-D385066CC270"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.1.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B4FEA597-A743-4E01-82A7-2402806A38DE"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "418F6121-CD4C-43D7-AC75-A947C73EE3F1"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE78CB39-A80D-4BFD-A47F-BB5291859C19"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3158A64-2248-4A53-B08F-A755131A1A13"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17C3E417-6DB6-481B-98D0-0104BAE87AAC"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE19710F-8A1D-4FCD-AFE4-499836AB27A5"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "50969A07-A1BE-4D37-8412-F39E41A5E7A0"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CA8F37B-D30D-4B40-A9DA-31143962FB79"
},
{
"criteria": "cpe:2.3:a:elastic:logstash:1.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4AC81D01-95EB-4570-B32A-377B439F7200"
}
],
"operator": "OR"
}
]
}
]