Fluent Bit In-Forward Input Plugin Authentication Bypass Vulnerability
Vulnerability
An authentication bypass vulnerability has been identified in the Fluent Bit in-forward input plugin, specifically in version 4.1.0. Under certain configuration conditions, the plugin fails to properly enforce the security.users authentication mechanism. This flaw allows remote attackers with network access to the Fluent Bit instance to send unauthenticated data. By circumventing authentication controls, attackers can inject fake log records, overwhelm alerting systems, or manipulate log routing decisions, thereby compromising the authenticity and integrity of the logs being collected.
Impact
Exploitation of this vulnerability allows for unauthorized data injection into the log system, potentially flooding alerting mechanisms and disrupting normal log management processes. Such actions could lead to a loss of trust in the logged data, with fabricated records being accepted as genuine.
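One way to inventory listeners that depend on the affected mechanism, as an added example (not Fluent Bit's or this advisory's code): the script parses a classic-mode Fluent Bit configuration and lists every forward input that relies on security.users, with its listen address and whether shared_key is also set. The advisory does not name the triggering conditions, so every such input is reported for review; the sample configuration and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample config (classic Fluent Bit format), not taken from the advisory.
SAMPLE_CONFIG = """
[INPUT]
    Name            forward
    Listen          0.0.0.0
    Security.Users  collector examplepass
[INPUT]
    Name            forward
    Listen          127.0.0.1
    Port            24225
    Shared_Key      examplekey
    Security.Users  collector examplepass
[INPUT]
    Name  tail
    Path  /var/log/app.log
"""

def parse_sections(text):
    """Return [(SECTION, {lowercased_key: value})] from a classic-mode config."""
    sections = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].strip().upper(), {}))
        elif sections:
            parts = line.split(None, 1)  # keys are case-insensitive
            sections[-1][1][parts[0].lower()] = parts[1] if len(parts) > 1 else ""
    return sections

def audit_forward_inputs(text):
    """List forward inputs that rely on security.users, with exposure context."""
    findings = []
    for name, props in parse_sections(text):
        is_forward = name == "INPUT" and props.get("name", "").lower() == "forward"
        if not is_forward or "security.users" not in props:
            continue
        listen = props.get("listen", "0.0.0.0")  # plugin default: all interfaces
        try:
            loopback = ipaddress.ip_address(listen).is_loopback
        except ValueError:
            loopback = False  # unparseable address: treat as network reachable
        findings.append({"listen": listen, "port": int(props.get("port", "24224")),
                         "network_reachable": not loopback,
                         "shared_key_set": "shared_key" in props})
    return findings
```

Inputs reported with `network_reachable` set to true are the ones to restrict at the network layer first while an upgrade is scheduled.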
