What the vulnerability does

01Description

Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic.

Key dates

02Disclosure timeline

December 8, 2017 CVE published
August 5, 2024 Record updated