VDB

CVE-2019-7612

CVE-2019-7612 PUBLISHED CVSS 5 MEDIUM

A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.

EPSS 0.45% · 64.2th percentile

Risk Scores

CVSS 2.0
5
EPSS Score
0.45%
64.2th percentile

Affected Products

VendorProductVersions
netappactive_iq_performance_analytics_services
ElasticLogstashbefore 5.6.15 and 6.6.1
elasticlogstash0, 6.0.0

Timeline

  • Mar 25, 2019 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›