Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-3819

Опубликовано: 30 мар. 2018
Источник: nvd
CVSS3: 6.1
CVSS2: 5.8
EPSS Низкий

Описание

The fix in Kibana for ESA-2017-23 was incomplete. With X-Pack security enabled, Kibana versions before 6.1.3 and 5.6.7 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*
Версия до 5.6.7 (исключая)
cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*
Версия от 6.0.0 (включая) до 6.1.3 (исключая)

EPSS

Процентиль: 44%
0.00213
Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601
CWE-601

Связанные уязвимости

redhat логотип

CVE-2018-3819

CVSS3: 4.7
redhat
около 8 лет назад

The fix in Kibana for ESA-2017-23 was incomplete. With X-Pack security enabled, Kibana versions before 6.1.3 and 5.6.7 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.

debian логотип

CVE-2018-3819

CVSS3: 6.1
debian
почти 8 лет назад

The fix in Kibana for ESA-2017-23 was incomplete. With X-Pack security ...

github логотип

GHSA-p999-w4h4-238v

CVSS3: 6.1
github
больше 3 лет назад

The fix in Kibana for ESA-2017-23 was incomplete. With X-Pack security enabled, Kibana versions before 6.1.3 and 5.6.7 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.

EPSS

Процентиль: 44%
0.00213
Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601
CWE-601