8 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
6.7 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.3%
kibana is vulnerable to Sensitive Information Leak. The vulnerability is due to sensitive information being recorded to logs in case of an error. The log can contain account credentials for the kibana_system user, API Keys and credentials of kibana end users.
8 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
6.7 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.3%