Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Filebeat Improper Validation of Specified Index, Position, or Offset in Input
Vulnerability Description
Improper Validation of Specified Index, Position, or Offset in Input (CWE-1285) in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow (CAPEC-100) and cause a denial of service (panic/crash) of the Filebeat process via either a malformed Syslog message or a malicious tokenizer pattern in the Dissect configuration.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
CWE-1284
Vulnerability Title
Elastic Filebeat 安全漏洞
Vulnerability Description
Elastic Filebeat是荷兰Elastic公司的用于转发和集中日志数据的轻量级数据探针。 Elastic Filebeat存在安全漏洞,该漏洞源于输入验证不当,可能导致缓冲区溢出和拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A