Impact
A malicious actor with a valid node key can send a badly formatted request that causes the Fleet server to exit, resulting in denial of service. This is possible only while a live query is in progress.
We believe the impact of this vulnerability to be low given the requirement that the actor has a valid node key. There is no information disclosure, privilege escalation, or code execution.
Patches
The issue is fixed in Fleet 3.7.0.
Workarounds
If this attack is detected, revoke the node key being used to carry it out by deleting the associated host.
For more information
If you have any questions or comments about this advisory: