CVE-2025-37730

{"id": "CVE-2025-37730", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "bressers@elastic.co", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.2, "exploitabilityScore": 2.2}]}, "published": "2025-05-06T18:15:38.410", "references": [{"url": "https://discuss.elastic.co/t/logstash-8-17-6-8-18-1-and-9-0-1-security-update-esa-2025-08/377869", "source": "bressers@elastic.co"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "bressers@elastic.co", "description": [{"lang": "en", "value": "CWE-295"}]}], "descriptions": [{"lang": "en", "value": "Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle (MitM) attack in \u201cclient\u201d mode, as hostname verification in TCP output was not being performed when the ssl_verification_mode => full was set."}, {"lang": "es", "value": "Una validaci\u00f3n incorrecta del certificado en la salida TCP de Logstash podr\u00eda provocar un ataque de intermediario (MitM) en modo \u201cclient\u201d, ya que no se estaba realizando la verificaci\u00f3n del nombre de host en la salida TCP cuando se configuraba ssl_verification_mode => full."}], "lastModified": "2025-05-07T14:13:20.483", "sourceIdentifier": "bressers@elastic.co"}