File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ ---
2+ layout : advisory
3+ title : ' CVE-2025-37730 (logstash-output-tcp): Improper certificate validation in Logstash'' s
4+ TCP output...'
5+ comments : false
6+ categories :
7+ - logstash-output-tcp
8+ advisory :
9+ gem : logstash-output-tcp
10+ cve : 2025-37730
11+ ghsa : qrf7-ph5v-mj2v
12+ url : https://nvd.nist.gov/vuln/detail/CVE-2025-37730
13+ title : Improper certificate validation in Logstash's TCP output...
14+ date : 2025-05-06
15+ description : |-
16+ Improper certificate validation in Logstash's TCP output could lead
17+ to a man-in-the-middle (MitM) attack in “client” mode, as hostname
18+ verification in TCP output was not being performed when the
19+ ssl_verification_mode => full was set.
20+ cvss_v3 : 6.5
21+ patched_versions :
22+ - " ~> 6.2.2"
23+ - " >= 7.0.1"
24+ related :
25+ url :
26+ - https://nvd.nist.gov/vuln/detail/CVE-2025-37730
27+ - https://rubygems.org/gems/logstash-output-tcp/versions/7.0.1
28+ - https://rubygems.org/gems/logstash-output-tcp/versions/6.2.2
29+ - https://github.com/logstash-plugins/logstash-output-tcp/blob/main/CHANGELOG.md#701
30+ - https://github.com/logstash-plugins/logstash-output-tcp/pull/61
31+ - https://github.com/logstash-plugins/logstash-output-tcp/commit/e32bd16a1d96cd0bc821fa4b93149934050f4040
32+ - https://discuss.elastic.co/t/logstash-8-17-6-8-18-1-and-9-0-1-security-update-esa-2025-08/377869
33+ - https://github.com/advisories/GHSA-qrf7-ph5v-mj2v
34+ notes : |
35+ - GHSA is unreviewed.
36+ - Used cvss_v3 and date from nvs.nist.gov URL.
37+ - Above discuss URL says "Alternatively, users may also
38+ upgrade the TCP output plugin to 6.2.2 or 7.0.1 by running
39+ bin/logstash-plugin update logstash-output-tcp."
40+ ---
You can’t perform that action at this time.
0 commit comments