Описание
The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions before 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Operational Tools | kibana | Not affected | ||
| Red Hat JBoss Fuse 6 | hawtio-kibana | Not affected | ||
| Red Hat OpenShift Enterprise 3 | kibana | Will not fix | ||
| Red Hat OpenStack Platform 10 (Newton) | puppet-kibana3 | Not affected | ||
| Red Hat OpenStack Platform 11 (Ocata) | puppet-kibana3 | Not affected | ||
| Red Hat OpenStack Platform 12 (Pike) | puppet-kibana3 | Not affected | ||
| Red Hat OpenStack Platform 8 (Liberty) Operational Tools | kibana | Not affected | ||
| Red Hat OpenStack Platform 9 (Mitaka) Operational Tools | kibana | Not affected |
Показывать по
Дополнительная информация
Статус:
6.1 Medium
CVSS3
Связанные уязвимости
The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions before 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.
The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pa ...
The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions before 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.
6.1 Medium
CVSS3