CVE-2019-7620 - OpenCVE

Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop responding.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Elastic	Logstash

Configuration 1 [-]

OR	cpe:2.3:a:elastic:logstash::::::::
	cpe:2.3:a:elastic:logstash::::::::

No data.

References

Link	Providers
https://discuss.elastic.co/t/elastic-stack-6-8-4-security-update/204908
https://discuss.elastic.co/t/elastic-stack-7-4-1-security-update/204909
https://www.elastic.co/community/security

History

No history.

MITRE

Status: PUBLISHED

Assigner: elastic

Published: 2019-10-30T13:38:40

Updated: 2024-08-04T20:54:28.357Z

Reserved: 2019-02-07T00:00:00

Link: CVE-2019-7620

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-10-30T14:15:11.457

Modified: 2020-10-09T12:55:34.820

Link: CVE-2019-7620

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Logstash", "vendor": "Elastic", "versions": [{"status": "affected", "version": "before 7.4.1 and 6.8.4"}]}], "descriptions": [{"lang": "en", "value": "Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop responding."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-10-30T13:38:40", "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "shortName": "elastic"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.elastic.co/community/security"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://discuss.elastic.co/t/elastic-stack-6-8-4-security-update/204908"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://discuss.elastic.co/t/elastic-stack-7-4-1-security-update/204909"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@elastic.co", "ID": "CVE-2019-7620", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Logstash", "version": {"version_data": [{"version_value": "before 7.4.1 and 6.8.4"}]}}]}, "vendor_name": "Elastic"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop responding."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-400: Uncontrolled Resource Consumption"}]}]}, "references": {"reference_data": [{"name": "https://www.elastic.co/community/security", "refsource": "CONFIRM", "url": "https://www.elastic.co/community/security"}, {"name": "https://discuss.elastic.co/t/elastic-stack-6-8-4-security-update/204908", "refsource": "CONFIRM", "url": "https://discuss.elastic.co/t/elastic-stack-6-8-4-security-update/204908"}, {"name": "https://discuss.elastic.co/t/elastic-stack-7-4-1-security-update/204909", "refsource": "CONFIRM", "url": "https://discuss.elastic.co/t/elastic-stack-7-4-1-security-update/204909"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T20:54:28.357Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.elastic.co/community/security"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://discuss.elastic.co/t/elastic-stack-6-8-4-security-update/204908"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://discuss.elastic.co/t/elastic-stack-7-4-1-security-update/204909"}]}]}, "cveMetadata": {"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "assignerShortName": "elastic", "cveId": "CVE-2019-7620", "datePublished": "2019-10-30T13:38:40", "dateReserved": "2019-02-07T00:00:00", "dateUpdated": "2024-08-04T20:54:28.357Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elastic:logstash:*:*:*:*:*:*:*:*", "matchCriteriaId": "D06ACA59-7534-4F89-9F61-2ECE90293176", "versionEndExcluding": "6.8.4", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:elastic:logstash:*:*:*:*:*:*:*:*", "matchCriteriaId": "450C8263-B1E0-401C-BA4B-28A2A57CEFCB", "versionEndExcluding": "7.4.1", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop responding."}, {"lang": "es", "value": "Logstash versiones anteriores a 7.4.1 y 6.8.4, contienen un fallo de denegaci\u00f3n de servicio en el plugin de entrada de Logstash Beats. Un usuario no autenticado que puede ser capaz de conectarse a la entrada de latidos de Logstash podr\u00eda enviar un paquete de red especialmente dise\u00f1ado que causar\u00eda que Logstash deje de responder."}], "id": "CVE-2019-7620", "lastModified": "2020-10-09T12:55:34.820", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-30T14:15:11.457", "references": [{"source": "bressers@elastic.co", "tags": ["Vendor Advisory"], "url": "https://discuss.elastic.co/t/elastic-stack-6-8-4-security-update/204908"}, {"source": "bressers@elastic.co", "tags": ["Vendor Advisory"], "url": "https://discuss.elastic.co/t/elastic-stack-7-4-1-security-update/204909"}, {"source": "bressers@elastic.co", "tags": ["Vendor Advisory"], "url": "https://www.elastic.co/community/security"}], "sourceIdentifier": "bressers@elastic.co", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "bressers@elastic.co", "type": "Secondary"}]}