Описание
Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Затронутые пакеты
Платформа | Пакет | Состояние | Рекомендация | Релиз |
---|---|---|---|---|
Red Hat OpenShift Container Platform 3.10 | kibana | Not affected | ||
Red Hat OpenShift Container Platform 3.4 | kibana | Not affected | ||
Red Hat OpenShift Container Platform 3.5 | kibana | Not affected | ||
Red Hat OpenShift Container Platform 3.6 | kibana | Not affected | ||
Red Hat OpenShift Container Platform 3.7 | kibana | Not affected | ||
Red Hat OpenShift Container Platform 3.9 | kibana | Not affected | ||
Red Hat OpenStack Platform 8 (Liberty) Operational Tools | kibana | Not affected | ||
Red Hat OpenStack Platform 9 (Mitaka) Operational Tools | kibana | Not affected | ||
Red Hat OpenShift Container Platform 3.11 | openshift3/apb-base | Fixed | RHBA-2019:2824 | 24.09.2019 |
Red Hat OpenShift Container Platform 3.11 | openshift3/apb-tools | Fixed | RHBA-2019:2824 | 24.09.2019 |
Показывать по
Дополнительная информация
Статус:
6.1 Medium
CVSS3
Связанные уязвимости
Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XS ...
Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Уязвимость сервиса визуализации данных Kibana, связанная с непринятием мер по защите структуры веб-страницы (или \Межсайтовая сценарная атака\), позволяющая нарушителю осуществлять межсайтовые сценарные атаки (XSS)
6.1 Medium
CVSS3