CVE-2021-37759
maven/org.graylog2/graylog2-server
Inclusion of Sensitive Information in Log Files
A Session ID leak in the DEBUG log file in Graylog allows attackers to escalate privileges (to the access level of the leaked session ID).
All versions starting from 0.20.0 before 4.1.2
Upgrade to version 4.1.2 or above.
2021-08-11
source |