PT-2017-18331 · Elastic · Kibana

Publicado

2017-06-05

·

Atualizado

2020-08-14

·

CVE-2017-8439

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Kibana version 5.4.0
Description A Cross Site Scripting (XSS) bug was found in the Time Series Visual Builder, which could allow an attacker to obtain sensitive information from Kibana users.
Recommendations For Kibana version 5.4.0, update to a version that fixes the XSS bug in the Time Series Visual Builder to prevent potential information disclosure.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2017-8439

Produtos afetados

Kibana