Lucene search
Search Guard Kibana Plugin Security Vulnerabilities
cve
Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a) Kibana is configured to use Single-Sign-On as...
8.8CVSS
8.7AI Score
0.001EPSS
2019-08-23 02:15 PM
30
cve
Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to a potentially malicious site upon Kibana...
6.1CVSS
6.1AI Score
0.001EPSS
2019-08-23 02:15 PM
33
cve
The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is...
6.1CVSS
6.5AI Score
0.001EPSS
2019-04-09 06:29 PM
20