Graylog versions 6.2.0 to before 6.2.4 and 6.3.0-alpha.1 to before 6.3.0-rc.2 are vulnerable to a privilege escalation issue. Attackers with a valid user account can create API tokens for other users, including the local Administrator, by exploiting weak permission checks in the Graylog REST API.
Successful exploitation allows an attacker to escalate privileges, potentially gaining access to sensitive actions or data with elevated rights. This can lead to full compromise depending on the permissions of the targeted user.
Product: Graylog
Affected Version: 6.2.0 - 6.2.4
Remediation: Patched in versions 6.2.4 and 6.3.0-rc.2. Alternatively, as a temporary workaround, disable the setting: System > Configuration > Users > "Allow users to create personal access tokens"
Disable user token creation via configuration
Regular permission audits, disable unnecessary token creation options
Monitor Graylog API logs for suspicious token generation attempts
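The monitoring advice above can be turned into a concrete check: flag token-creation requests where the requesting account is not the token's owner and does not hold an administrator role. The following is an added example, not code from Graylog or from this advisory; the JSON-lines log shape, the `Admin` role name, the `admin` account name and the `/api/users/{user}/tokens/{name}` path are assumptions, so map real Graylog audit or access log fields in `parse_event()`.

```python
import json
import re

# Constructed sample records in an assumed JSON-lines shape (not Graylog's real format).
SAMPLE_LOG = """\
{"ts":"2025-06-01T10:00:00Z","actor":"alice","roles":["Reader"],"method":"POST","path":"/api/users/alice/tokens/cli","status":201}
{"ts":"2025-06-01T10:01:30Z","actor":"alice","roles":["Reader"],"method":"POST","path":"/api/users/admin/tokens/backdoor","status":201}
{"ts":"2025-06-01T10:02:00Z","actor":"admin","roles":["Admin"],"method":"POST","path":"/api/users/bob/tokens/ci","status":201}
{"ts":"2025-06-01T10:03:00Z","actor":"bob","roles":["Reader"],"method":"GET","path":"/api/users/admin/tokens","status":403}
{"ts":"2025-06-01T10:04:00Z","actor":"bob","roles":["Reader"],"method":"POST","path":"/api/users/carol/tokens/x","status":403}
"""

TOKEN_CREATE = re.compile(r"^/api/users/(?P<owner>[^/]+)/tokens/(?P<name>[^/]+)$")  # assumed path
ADMIN_ROLE = "Admin"   # assumed role name
LOCAL_ADMIN = "admin"  # assumed name of the local Administrator account


def parse_event(line):
    """Map one log line onto the fields the check needs; adapt for real log formats."""
    rec = json.loads(line)
    return {"ts": rec["ts"], "actor": rec["actor"], "roles": set(rec.get("roles", [])),
            "method": rec["method"], "path": rec["path"], "status": int(rec["status"])}


def classify(ev):
    """Return a finding for a cross-user token creation by a non-admin, else None."""
    m = TOKEN_CREATE.match(ev["path"])
    if ev["method"] != "POST" or not m:
        return None
    owner = m.group("owner")
    if owner == ev["actor"] or ADMIN_ROLE in ev["roles"]:
        return None  # self-service token or a legitimate administrator action
    outcome = "succeeded" if 200 <= ev["status"] < 300 else "denied"
    target = "local Administrator" if owner == LOCAL_ADMIN else f"user {owner}"
    return f"{ev['ts']} {ev['actor']} created token '{m.group('name')}' for {target}: {outcome}"


def scan(log_text):
    """Run the check over every non-empty line and collect findings in log order."""
    return [f for f in (classify(parse_event(l)) for l in log_text.splitlines() if l.strip()) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A successful cross-user creation targeting the local Administrator is the case this advisory describes; denied attempts are still worth alerting on once the patch or workaround is in place, since they indicate probing.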
No references provided
No affected organizations specified