Primary

Context

Cribl Stream SQL Injection Vulnerability in the REST Collector Source

Vulnerability

A SQL injection vulnerability has been identified in Cribl Stream versions prior to 4.17.1. This issue resides within the REST Collector Source, where the application improperly validates user input, allowing for the manipulation of SQL queries. As a result, an attacker could potentially execute arbitrary SQL commands, leading to unauthorized data access or modification.

Impact

Exploitation of this vulnerability allows for SQL injection, where an attacker can interfere with the application's database queries. This could result in unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.

Remediation

Users are advised to upgrade to Cribl Stream version 4.17.1, where this vulnerability has been addressed.

Added: May 12, 2026, 2:19 AM

Updated: May 12, 2026, 2:19 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.9

exploitability

7.4

remediation

0.0

relevance

8.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.9

exploitability

7.4

remediation

0.0

relevance

8.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Cribl Stream SQL Injection Vulnerability in the REST Collector Source

Vulnerability

Impact

Remediation

Affected Products

Cribl Stream

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating