CVE-2021-22138Improper Certificate Validation in Logstash

CWE-295Improper Certificate Validation3 documents3 sources
Severity
3.7LOWNVD
EPSS
0.1%
top 70.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Elastic LogstashElastic Elasticsearch
Timeline
PublishedMay 13
Latest updateMay 24

Description

In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0 a TLS certificate validation flaw was found in the monitoring feature. When specifying a trusted server CA certificate Logstash would not properly verify the certificate returned by the monitoring server. This could result in a man in the middle style attack against the Logstash monitoring data.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.2 | Impact: 1.4

Affected Packages2 packages

NVDelastic/logstash6.4.06.8.15+1
CVEListV5elastic/elasticsearchafter 6.4.0 and before 6.8.15 and 7.12.0

🔴Vulnerability Details

2
GHSA
GHSA-56cm-rmmq-hqpv: In Logstash versions after 62022-05-24
CVEList
CVE-2021-22138: In Logstash versions after 62021-05-13
CVE-2021-22138 — Improper Certificate Validation | cvebase