02. 09. 2025 Alessandro Mizzaro Bug Fixes, NetEye

NetEye 4 – Security Advisory (SIEM)

Important: Elastic Stack security update (installed with SIEM)

Type/Severity

NetEye Product Security has rated this update as having a High security impact.

Topic

An update for the elasticsearch package is now available for NetEye 4.

Security Fix for NetEye 4.43

  • 8.18.6_neteye3.81.9-1

CVE-2025-54988 (Apache Tika): CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/MPR:L

For a detailed overview of the security issue(s), including the impact, CVSS score, acknowledgments, and other relevant information, please refer to the links provided in the References section below.

For details on how to apply this update, which includes the changes described in this advisory, refer to the NetEye Update Section in the User Guide.

Affected Products

  • All NetEye 4.x versions >=4.42 that use Attachment processor on pipelines
    For customers who cannot update, a workaround is available here
    N.B. The workaround can seriously impact data ingestion, so please upgrade.
  • All NetEye 4.x versions >=4.31 that use Workplace Search (Only for Enterprise Customer)
    A workaround for this is not available

References

Alessandro Mizzaro

Alessandro Mizzaro

Security Software Engineer at Wuerth Phoenix

Author

Alessandro Mizzaro

Latest posts by Alessandro Mizzaro

14. 05. 2025 Bug Fixes, NetEye
NetEye Security Advisory
03. 04. 2025 Bug Fixes, NetEye
NetEye 4 – Security Advisory
24. 03. 2025 Bug Fixes, NetEye
NetEye 4 – Security Advisory
24. 03. 2025 Bug Fixes, NetEye
NetEye 4 – Security Advisory
12. 03. 2025 Bug Fixes, NetEye
NetEye 4 – Security Advisory
See All

Related Content

Tags: , ,

23. 09. 2025 Bug Fixes, NetEye

Bug Fixes for NetEye 4.43

Satellite config creation in HA mode using zone names with whitespaces We've addressed an issue where running the neteye satellite config create for a satellite configured in HA mode having whitespaces in the Zone name prevented the procedure to successfully Read More
11. 09. 2025 Bug Fixes, NetEye

Bug Fixes for NetEye 4.43

Dashboard Graphs Now Use Full Width We've addressed an issue where service and host graphs on dashboards were not utilizing the full available width. This fix ensures the charts now expand to fill the space, providing a better and clearer Read More
01. 09. 2025 Bug Fixes, NetEye

Bug Fixes for NetEye 4.43

Fix redirect to __SELF__ We resolved a bug for which sometimes during the login workflow an automatic redirect to __SELF__ was performed, forcing the user to manually change the URL on the browser tab. List of updated packages To solve Read More
29. 08. 2025 Bug Fixes, NetEye

Bug Fixes for NetEye 4.43

Fix network target waited on boot We resolved a bug for which the network systemd target waited on boot was not sufficient in guaranteeing that all interfaces were actually ready, causing possibly some services failing to bind, under certain circumstances. Read More
12. 08. 2025 Bug Fixes, NetEye

Bug Fixes for NetEye 4.43

Fix Kibana sysconfig migration We resolved a bug that occurred during the migration of Kibana to a multi-instance setup. The issue prevented the proper copying of custom configurations from /neteye/shared/kibana/conf/sysconfig/kibana-user-customization. As a result, these customizations were missing from the Kibana instances Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by technology

Contact

Contact us
Serviceportal

Archive