![]() Modifications to sessions will update the cached version as well as the session persisted in the database. After that, the node operates solely on the cached session. Upon a cache-miss, the session is loaded from the database. Each node maintains an in-memory cache of user sessions. In a multi-node Graylog cluster, after a user has explicitly logged out, a user session may still be used for API requests until it has reached its original expiry time. `GET /api/system/debug/support/bundle/download/`.ĬVE-2023-41041 Graylog is a free and open log management platform. Users unable to upgrade should block all HTTP requests to the following HTTP API endpoints by using a reverse proxy server in front of Graylog. This vulnerability is fixed in Graylog version 5.1.3 and later. For the Graylog Docker images, the `data_dir` is set to `/usr/share/graylog/data` by default. The vulnerability would allow the download or deletion of files in the following example directories: `/var/lib/graylog-server/support-bundle-test` and `/var/lib/graylog-server/support-bundlesdirectory`. Due to the partial path traversal vulnerability, an attacker with valid Admin role credentials can read or delete files in directories that start with a `/var/lib/graylog-server/support-bundle` directory name. The data directory for the Support Bundle feature is always `/support-bundle`. The default `data_dir` in operating system packages (DEB, RPM) is set to `/var/lib/graylog-server`. Graylog's Support Bundle feature allows an attacker with valid Admin role credentials to download or delete files in sibling directories of the support bundle directory. ![]() ![]() The vulnerability is caused by incorrect user input validation in an HTTP API resource. A partial path traversal vulnerability exists in Graylog's `Support Bundle` feature. CVE-2023-41044 Graylog is a free and open log management platform.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |