Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and can cause the Logstash process to exit.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: elastic

Published: 2017-06-16T21:00:00

Updated: 2024-08-06T03:21:51.334Z

Reserved: 2017-05-02T00:00:00

Link: CVE-2016-10363

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-06-16T21:29:00.430

Modified: 2019-10-09T23:16:38.010

Link: CVE-2016-10363

cve-icon Redhat

No data.