10 matches found
CVE-2023-31415
Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...
EUVD-2023-35726
Malicious code in bioql PyPI...
Arbitrary Code Execution
kibana is vulnerable to Arbitrary Code Execution. A remote authenticated attacker with the ability to modify the Kibana yaml or env configuration is able to execute malicious code on the host system via a malicious configuration payload trough the Uptime/Synthetics feature...
Elastic Kibana < 8.7.1 Arbitrary Code Execution
The Elastic Kibana software on the remote host is missing a security update. It is, therefore, affected by multiple arbitrary code execution vulnerabilities: - An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This...
SUSE CVE-2023-31415
Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...
CVE-2023-31415
Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...
CVE-2023-31415
Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...
CVE-2023-31415
Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...
PT-2023-23308
Name of the Vulnerable Software and Affected Versions Kibana version 8.7.0 Description The issue is an arbitrary code execution flaw. An attacker with all privileges to the Uptime/Synthetics feature could send a request to execute JavaScript code, potentially leading to the execution of arbitrary...
CVE-2023-31415
Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...