Security News > 2024 > May > Critical Fluent Bit flaw affects major cloud platforms, tech companies’ offerings (CVE-2024-4323)
Tenable researchers have discovered a critical vulnerability (CVE-2024-4323) in Fluent Bit, a logging utility used by major cloud providers and tech companies, which may be leveraged for denial of service, information disclosure, or remote code execution. About CVE-2024-4323 Fluent Bit is an open-source data collection, processing and forwarding utility for Linux, BSD, macOS and Windows that can easily handle large volumes of log data, which is why the likes of Google Cloud, AWS, Digital Ocean, … More → The post Critical Fluent Bit flaw affects major cloud platforms, tech companies’ offerings (CVE-2024-4323) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/05/21/cve-2024-4323/
Related news
- Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) (source)
- Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) (source)
- Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342) (source)
- Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) (source)
- PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190) (source)
- Critical VMware vCenter Server bugs fixed (CVE-2024-38812) (source)
- Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) (source)
- Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks (source)
- PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-05-20 | CVE-2024-4323 | A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. | 0.0 |