CVE-2016-10365

Опубликовано: 15 нояб. 2016

Источник: redhat

CVSS3: 4.3

CVSS2: 4.3

EPSS Низкий

Описание

Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerability that would enable an attacker to craft a link in the Kibana domain that redirects to an arbitrary website.

Отчет

This issue does not appear to affect the versions of Kibana as shipped with Red Hat Openshift Enterprise.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Operational Tools	kibana	Will not fix
Red Hat OpenShift Enterprise 3	kibana	Not affected
Red Hat OpenStack Platform 8 (Liberty) Operational Tools	kibana	Will not fix
Red Hat OpenStack Platform 9 (Mitaka) Operational Tools	kibana	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-601

https://bugzilla.redhat.com/show_bug.cgi?id=1395579kibana: Open redirect vulnerability (ESA-2016-09)

EPSS

Процентиль: 42%

0.00197

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2016-10365

CVSS3: 6.1

nvd

больше 8 лет назад

Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerability that would enable an attacker to craft a link in the Kibana domain that redirects to an arbitrary website.

CVE-2016-10365

CVSS3: 6.1

debian

больше 8 лет назад

Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerabi ...

GHSA-jhcr-83jp-pjvr

CVSS3: 6.1

github

больше 3 лет назад

Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerability that would enable an attacker to craft a link in the Kibana domain that redirects to an arbitrary website.

EPSS

Процентиль: 42%

0.00197

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2