Lucene search
ElasticCVELIST:CVE-2018-17246HistoryDec 20, 2018 - 10:00 p.m.
CVE-2018-17246
2018-12-2022:00:00
CWE-73
elastic
www.cve.org
7
Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
CNA Affected
[
{
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "before 6.4.3 and 5.6.13"
}
]
}
]Related
openvas
openvas
prion
prion
Design/Logic Flaw
2018-12-20 22:29:00
veracode
veracode
Arbitrary File Inclusion
2018-11-08 02:14:40
redhatcve
redhatcve
CVE-2018-17246
2018-11-07 09:19:10
osv
osv
CVE-2018-17246
2018-12-20 22:29:00
nessus
nessus
Kibana ESA-2018-18
2018-11-07 00:00:00
Photon OS 1.0: Kibana PHSA-2019-1.0-0209
2020-01-28 00:00:00
Photon OS 3.0: Kibana PHSA-2019-3.0-0002
2024-07-22 00:00:00
nvd
nvd
CVE-2018-17246
2018-12-20 22:29:00
nuclei
nuclei
Kibana - Local File Inclusion
2021-04-08 21:01:08
cve
cve
CVE-2018-17246
2018-12-20 22:29:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-2.0-0132
2019-02-21 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-1.0-0209
2019-02-20 00:00:00
Critical Photon OS Security Update - PHSA-2019-0132
2019-02-21 00:00:00