Logstash ESA-2014-02

High Nessus Plugin ID 119461


The remote web server hosts a Java application that is vulnerable.


Logstash 1.4.1 and prior, when configured to use the Zabbix or Nagios outputs, allow an attacker who can send crafted events to Logstash inputs to cause Logstash to execute OS commands.


Upgrade to Logstash 1.4.2 or later, or disable the Zabbix and Nagios outputs.

Plugin Details

Severity: High

ID: 119461

File Name: logstash_esa_2014_02.nasl

Version: 1.1

Type: remote

Family: CGI abuses

Published: 2018/12/06

Updated: 2018/12/06

Dependencies: 109943

Risk Information

Risk Factor: High

CVSS Score Source: CVE-2014-4326

CVSS v2.0

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3.0

Base Score: 7.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Vulnerability Information

CPE: cpe:/a:elasticsearch:logstash

Required KB Items: installed_sw/Logstash

Patch Publication Date: 2014/06/24

Vulnerability Publication Date: 2014/06/24

Reference Information

CVE: CVE-2014-4326