CVE-2017-11480

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-11480

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-11480.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-11480

Aliases

Published

2017-12-08T18:29:00.210Z

Modified

2026-04-10T04:03:08.085638Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic.

References

https://discuss.elastic.co/t/beats-5-6-4-security-update/106739

Affected packages

Git / github.com/elastic/beats

Affected ranges

Type

GIT

Repo

https://github.com/elastic/beats

Events

Introduced

Fixed

9dd91482ca414229a68d5cacbd7a381c37ca0ba1

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "5.6.4"
        }
    ]
}

Affected versions

v0.*

v0.1.0

v0.1.1

v0.2.0

v0.2.2

v0.3.0

v0.3.1

v0.3.2

v0.3.3

v0.4.0

v0.4.1

v0.4.2

v0.4.3

v0.5.0

v1.*

v1.0.0.Beta1

v5.*

v5.0.0-alpha1

v5.0.0-alpha2

v5.0.0-alpha3

v5.0.0-alpha4

v5.5.3

v5.6.0

v5.6.1

v5.6.2

v5.6.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-11480.json"