Sensitive Information Leakage in Logstash Elasticsearch Output Plugin

Sensitive Information Leakage in Logstash Elasticsearch Output Plugin

CVE-2016-1000221 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Logstash prior to version 2.3.4, Elasticsearch Output plugin would log to file HTTP authorization headers which could contain sensitive information.

Learn more about our Web Application Penetration Testing UK.