Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-11482

Опубликовано: 08 дек. 2017
Источник: nvd
CVSS3: 6.1
CVSS2: 5.8
EPSS Низкий

Описание

The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions before 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:elastic:kibana:5.6.0:*:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:5.6.1:*:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:5.6.2:*:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:5.6.3:*:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:5.6.4:*:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:6.0.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:6.0.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:6.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:6.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:6.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:6.0.0:rc2:*:*:*:*:*:*

EPSS

Процентиль: 42%
0.00197
Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601
CWE-601

Связанные уязвимости

redhat логотип

CVE-2017-11482

CVSS3: 6.1
redhat
почти 8 лет назад

The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions before 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.

debian логотип

CVE-2017-11482

CVSS3: 6.1
debian
почти 8 лет назад

The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pa ...

github логотип

GHSA-28c3-wp2j-prjr

CVSS3: 6.1
github
больше 3 лет назад

The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions before 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.

EPSS

Процентиль: 42%
0.00197
Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601
CWE-601