CVE-2022-38779

Опубликовано: 22 фев. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.

Ссылки

https://discuss.elastic.co/t/kibana-7-17-9-and-8-6-2-security-update/325782
Release Notes
Vendor Advisory
https://www.elastic.co/community/security
Vendor Advisory
https://discuss.elastic.co/t/kibana-7-17-9-and-8-6-2-security-update/325782
Release Notes
Vendor Advisory
https://www.elastic.co/community/security
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*

Версия от 7.0.0 (включая) до 7.17.9 (исключая)

cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*

Версия от 8.0.0 (включая) до 8.6.2 (исключая)

EPSS

Процентиль: 37%

0.00163

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-601

Связанные уязвимости

CVE-2022-38779

CVSS3: 6.1

redhat

около 3 лет назад

An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.

CVE-2022-38779

CVSS3: 6.1

debian

почти 3 года назад

An open redirect issue was discovered in Kibana that could lead to a u ...

GHSA-37x6-m83p-f654

CVSS3: 6.1

github

почти 3 года назад

An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.

EPSS

Процентиль: 37%

0.00163

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-601