Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2020/04/09 12:18 p.m.32 views

CVE-2019-7610

An arbitrary code execution flaw was found in Kibana in versions prior to 5.6.15 and 6.6.1. If a Kibana instance has the setting xpack.security.audit.enabled set to true, an attacker could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executi...

9.3CVSS2.8AI score0.03908EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/03/05 12:0 a.m.47 views

Kibana < 5.6.15 Multiple Vulnerabilities

According to its self-reported version number, the Kibana application running on the remote host is prior to 5.6.15 or 6.x prior to 6.6.1. It is, therefore, affected by the following vulnerabilities: - A cross-site scripting XSS vulnerability that could allow an attacker to obtain sensitive...

10CVSS8.7AI score0.95338EPSS
Exploits12References4
Tenable Nessus
Tenable Nessus
added 2019/10/24 12:0 a.m.37 views

Kibana 5.x < 5.6.15 / 6.x < 6.6.1 Multiple Vulnerabilities

Binary data 701234.prm...

10CVSS8.2AI score0.95338EPSS
Exploits12References4
OpenVAS
OpenVAS
added 2019/03/27 12:0 a.m.180 views

Elastic Kibana < 5.6.15, 6.x.x < 6.6.1 Multiple Vulnerabilities - Linux

Kibana is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

10CVSS8.8AI score0.95338EPSS
Exploits12References5
CVE
CVE
added 2019/03/25 6:34 p.m.119 views

CVE-2019-7610

CVE-2019-7610 affects Kibana versions before 6.6.1. The flaw is an arbitrary code execution in the security audit logger when xpack.security.audit.enabled is true, allowing a crafted request to run JavaScript with Kibana process privileges on the host. Connected advisories indicate OpenShift 4.1....

9.3CVSS9.4AI score0.03908EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/03/04 12:0 a.m.212 views

Kibana ESA-2019-01, ESA-2019-02, ESA-2019-03

Kibana versions before 5.6.15 and 6.6.1 have the following vulnerabilities: - A cross-site scripting XSS vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. CVE-2019-7608 - An arbitrary code execution flaw...

10CVSS8.6AI score0.95338EPSS
Exploits12References4
ArchLinux
ArchLinux
added 2019/02/25 12:0 a.m.53 views

[ASA-201902-26] kibana: multiple issues

Arch Linux Security Advisory ASA-201902-26 ========================================== Severity: High Date : 2019-02-25 CVE-ID : CVE-2019-7608 CVE-2019-7609 CVE-2019-7610 Package : kibana Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-911 Summary ======= The package...

10CVSS2.4AI score0.95338EPSS
Exploits12References5
Rows per page
Query Builder