Threat entity extracted from intelligence sources
The Fluent Bit in_forward input plugin does not properly enforce the security.users authentication mechanism under certain configuration conditions. This allows remote attackers with network access to a Fluent Bit instance that exposes the forward input to send unauthenticated data. By bypassing authentication controls, attackers can inject forged log records, flood alerting systems, or manipulate routing decisions, compromising the authenticity and integrity of ingested logs.
CWE-306: Missing Authentication for Critical Function
A series of vulnerabilities in Fluent Bit, an open source log collection tool, were discovered by Oligo Security. These 'trivial-to-exploit' bugs, which allow attackers to bypass authentication and execute remote code, have been present for years, affecting major cloud and AI services. Details of the vulnerabilities were published in coordination with the project's maintainers.
Fluent Bit, a widely used log-processing tool, has been found vulnerable to multiple critical security flaws that could allow attackers to bypass authentication, execute remote code, and disrupt cloud services. Discovered by Oligo Security, these vulnerabilities affect versions older than 4.1.1 and 4.0.12 and have been present for years, posing risks to various sectors including banking and cloud computing.
Cybersecurity researchers have identified critical vulnerabilities in Fluent Bit, a logging agent used extensively across various platforms, including banking and cloud services. The flaws could lead to authentication bypass, remote code execution, and denial of service, primarily affecting instances with network access. The vulnerabilities stem from issues in tag processing and plugin handling.