Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-7608

Опубликовано: 19 фев. 2018
Источник: redhat
CVSS3: 6.1

Описание

Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat OpenShift Container Platform 3.10kibanaNot affected
Red Hat OpenShift Container Platform 3.4kibanaNot affected
Red Hat OpenShift Container Platform 3.5kibanaNot affected
Red Hat OpenShift Container Platform 3.6kibanaNot affected
Red Hat OpenShift Container Platform 3.7kibanaNot affected
Red Hat OpenShift Container Platform 3.9kibanaNot affected
Red Hat OpenStack Platform 8 (Liberty) Operational ToolskibanaNot affected
Red Hat OpenStack Platform 9 (Mitaka) Operational ToolskibanaNot affected
Red Hat OpenShift Container Platform 3.11openshift3/apb-baseFixedRHBA-2019:282424.09.2019
Red Hat OpenShift Container Platform 3.11openshift3/apb-toolsFixedRHBA-2019:282424.09.2019

Показывать по

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=1696028kibana: Cross-site scripting vulnerability permits perform destructive actions on behalf of other Kibana users

6.1 Medium

CVSS3

Связанные уязвимости

CVSS3: 6.1
nvd
больше 6 лет назад

Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.

CVSS3: 6.1
debian
больше 6 лет назад

Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XS ...

CVSS3: 6.1
github
около 3 лет назад

Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.

CVSS3: 6.1
fstec
больше 6 лет назад

Уязвимость сервиса визуализации данных Kibana, связанная с непринятием мер по защите структуры веб-страницы (или \Межсайтовая сценарная атака\), позволяющая нарушителю осуществлять межсайтовые сценарные атаки (XSS)

6.1 Medium

CVSS3