cvedb.io
CVE-2016-10363
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2017-06-16T21:29:00.430 · Last modified 2026-06-17T00:39:32.227

Summary

Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and can cause the Logstash process to exit.

Affected products

elastic — logstash

Does this affect you?

Add your gear to cvedb and we'll alert you only when elastic ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.