CVE-2017-14730 - Permissions, Privileges, and Access Control vulnerability in Elasticsearch Logstash

Publication

2017-09-25

Last modification

2017-10-06

Summary

The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has "chown -R" calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to a $LS_USER account for creation of a hard link.

Classification

CWE-264 - Permissions, Privileges, and Access Control

Risk level (CVSS AV:L/AC:L/Au:N/C:C/I:C/A:C)

High

7.2

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

Vendor Product Versions
Elasticsearch Logstash  5.4.1 , 5.3.2 , 5.6.0 , 5.2.1 , 5.3.1 , 5.0.2 , 5.1.2 , 5.4.3 , 5.5.0 , 5.0.1 , 5.2.0 , 5.5.2 , 5.0.0 , 5.5.1 , 5.4.2 , 5.3.0 , 5.1.1