CVE Daily
← All tags

Tag: Elastic Beats

All CVEs associated with "Elastic Beats". Page 1/1 • 8 CVEs.

About “Elastic Beats”

A curated feed of “Elastic Beats”-related CVEs appears below. We currently track 8 CVEs for this tag (all time). In the last 365 days, 1 were published. Average CVSS is 6.7 (all time; 5.9 over 365d), and 38% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-125 - Out-of-bounds Read.

In our taxonomy this topic maps to a LOW impact class. Logging and monitoring stacks may expose dashboards or collectors. Patch services, enforce auth and TLS, restrict admin endpoints, rotate tokens, and review data retention. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

Support & lifecycle: beats

This table shows recent release cycles and their projected end-of-life. Data source: endoflife.date.

CycleReleaseLatestEOLLTS
9.49.4.2-
9.39.3.5-
9.29.2.8-
9.19.1.10-
8.198.19.16
8.188.18.8 Expired
9.09.0.8-
8.178.17.10-
8.168.16.6 Expired
77.17.29 Expired
66.8.23 Expired

Maintained Soon (≤ 180 days) Expired

Subscribe lifecycle: RSS  ·  RSS (expired)  ·  ICS

Subscribe CVEs: RSS for “Elastic Beats”  ·  RSS (High+Critical only)

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2025-12-01
Medium

CVE-2025-41739

An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the communication servers of the CODESYS Control runtime system on Linux and QNX to trigger an out-of-bounds read…

CVSS: 5.9 CWE: CWE-125 - Out-of-bounds Read View on NVD
2025-02-26
Medium

CVE-2022-49379

In the Linux kernel, the following vulnerability has been resolved: driver core: Fix wait_for_device_probe() & deferred_probe_timeout interaction Mounting NFS rootfs was timing out when deferred_pr…

CVSS: 5.5 CWE: CWE-667 - Improper Locking View on NVD
2024-06-26
Medium

CVE-2024-27867

An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. When your headp…

CVSS: 4.3 CWE: CWE-287 - Improper Authentication View on NVD
2023-12-12
Medium

CVE-2023-49922

An issue was discovered by Elastic whereby Beats and Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP s…

CVSS: 6.8 CWE: CWE-532 - Insertion of Sensitive Information into Log File View on NVD
2023-10-26
Medium

CVE-2023-31421

It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid for the target IP address; however, certif…

CVSS: 5.9 CWE: CWE-295 - Improper Certificate Validation View on NVD
2019-10-30
High

CVE-2019-7620

Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could…

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
2018-03-05
Critical

CVE-2018-7665

An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto…

CVSS: 9.8 CWE: CWE-434 - Unrestricted Upload of File with Dangerous Type View on NVD
2006-05-22
High

CVE-2006-2537

Multiple format string vulnerabilities in (a) OpenBOR 2.0046 and earlier, (b) Beats of Rage (BOR) 1.0029 and earlier, and (c) Horizontal Shooter BOR (HOR) 2.0000 and earlier allow remote attackers to…

CVSS: 7.5 CWE: N/A View on NVD
CVE Daily Lookup — auto-links CVE IDs on any page you visit. GitHub, Jira, Confluence & more. Free.
Chrome Firefox