ADVISORIES

• CVE-2020-21514 (NVD)
• GHSA-wrxf-x8rm-6ggg

GEM

fluentd

SEVERITY

CVSS v3.x: 8.8 (High)

PATCHED VERSIONS

None.

DESCRIPTION

An issue was discovered in Fluent Fluentd v.1.8.0 and Fluent-ui v.1.2.2 that allows attackers to gain escilated privileges and execute arbitrary code due to use of a default password.

RELATED

• https://nvd.nist.gov/vuln/detail/CVE-2020-21514
• https://github.com/fluent/fluentd/issues/2722
• https://github.com/advisories/GHSA-wrxf-x8rm-6ggg