8 matches found
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.1 image security update
An update is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Security Bulletin: IBM Cloud Private is vulnerable to Kibana vulnerabilities (CVE-2020-7015, CVE-2020-7013, CVE-2020-7012)
Summary IBM Cloud Private is vulnerable to Kibana vulnerabilities Vulnerability Details CVEID: CVE-2020-7015 DESCRIPTION: Elastic Kibana is vulnerable to cross-site scripting, caused by improper validation of user-supplied input in TSVB visualization. A remote attacker could exploit this...
Photon OS 3.0: Kibana PHSA-2020-3.0-0103
An update of the kibana package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0103. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid137723;...
Photon OS 2.0: Kibana PHSA-2020-2.0-0253
An update of the kibana package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0253. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid13771...
CVE-2020-7013
Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissio...
Photon OS 1.0: Kibana PHSA-2020-1.0-0301
An update of the kibana package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0301. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid13763...
Elastic Kibana < 6.8.9, 7.x < 7.7.0 Prototype Pollution Vulnerability - Windows
Kibana is prone to a prototype pollution vulnerability in TSVB. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elastic:kibana";...
CVE-2020-7013
CVE-2020-7013 refers to a prototype pollution flaw in Kibana TSVB affecting versions before 6.8.9 and 7.7.0, enabling an authenticated attacker with TSVB-visualization creation privileges to cause Kibana to execute arbitrary code with Kibana process permissions. The connected documentation corrob...