Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_113527HistoryJan 11, 2023 - 12:00 a.m.
Kibana 5.0.0 < 5.6.1 Cross-Site Scripting
2023-01-1100:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
kibana
version 5.0.0
xss
cross-site scripting
timelion
cve-2017-11479
vulnerability
information security
0.001 Low
EPSS
Percentile
46.2%
According to its self-reported version number, the Kibana application running on the remote host is 5.0.0 prior to 5.6.1. It is, therefore, affected by the following vulnerabilities:
- A cross-site scripting (XSS) in Timelion that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. (CVE-2017-11479)
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source data| Vendor | Product | Version | CPE |
|---|---|---|---|
| elasticsearch | kibana | * | cpe:2.3:a:elasticsearch:kibana:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2017-11479
2017-09-29 01:34:48
cvelist
cvelist
CVE-2017-11479
2017-09-28 19:00:00
redhatcve
redhatcve
CVE-2017-11479
2018-01-11 07:50:14
osv
osv
CVE-2017-11479
2017-09-29 01:34:48
prion
prion
Cross site scripting
2017-09-29 01:34:00
openvas
openvas
Elastic Kibana <= 5.6.0 XSS Vulnerability
2017-10-09 00:00:00
nvd
nvd
CVE-2017-11479
2017-09-29 01:34:48
veracode
veracode
Cross-Site Scripting (XSS)
2017-11-13 08:57:45
