The host is installed with Elasticsearch 5.x before 6.8.21, 7.x before 7.16.1 or Logstash 5.x before 6.8.21, 7.x before 7.16.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle an issue in Log4j library. Successful exploitation could allow attackers to cause information leakage or denial of service.