CVE-2025-37730 | THREATINT

Description

Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle (MitM) attack in “client” mode, as hostname verification in TCP output was not being performed when the ssl_verification_mode => full was set.

PUBLISHED Reserved 2025-04-16 | Published 2025-05-06 | Updated 2025-05-06 | Assigner elastic

MEDIUM: 6.5CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

Problem types

CWE-295

Product status

Default status

unaffected

8.0.0 (semver) before 8.17.6

affected

8.18.0 (semver) before 8.18.1

affected

9.0.0 (semver) before 9.0.1

affected

References

discuss.elastic.co/...0-1-security-update-esa-2025-08/377869

cve.org (CVE-2025-37730)

nvd.nist.gov (CVE-2025-37730)

Download JSON