Описание
With X-Pack installed, Kibana versions before 5.3.1 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Operational Tools | kibana | Not affected | ||
| Red Hat JBoss Fuse 6 | hawtio-kibana | Not affected | ||
| Red Hat OpenShift Enterprise 3 | kibana | Will not fix | ||
| Red Hat OpenStack Platform 10 (Newton) | puppet-kibana3 | Not affected | ||
| Red Hat OpenStack Platform 11 (Ocata) | puppet-kibana3 | Not affected | ||
| Red Hat OpenStack Platform 12 (Pike) | puppet-kibana3 | Not affected | ||
| Red Hat OpenStack Platform 8 (Liberty) Operational Tools | kibana | Not affected | ||
| Red Hat OpenStack Platform 9 (Mitaka) Operational Tools | kibana | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-601
https://bugzilla.redhat.com/show_bug.cgi?id=1538801kibana: open redirect on the login page (ESA-2017-04 )
EPSS
Процентиль: 53%
0.00296
Низкий
6.1 Medium
CVSS3
Связанные уязвимости
CVSS3: 6.1
nvd
больше 8 лет назад
With X-Pack installed, Kibana versions before 5.3.1 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.
CVSS3: 6.1
github
больше 3 лет назад
With X-Pack installed, Kibana versions before 5.3.1 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.
EPSS
Процентиль: 53%
0.00296
Низкий
6.1 Medium
CVSS3