What the vulnerability does

01Description

Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient logging flaw. An attacker able to inject certain characters into a log entry could prevent Winlogbeat from recording the event.

Key dates

02Disclosure timeline

March 25, 2019 CVE published
August 4, 2024 Record updated