CVE-2020-10743

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions OpenShift Container Platform's distribution of Kibana (affected versions not specified)

Description A flaw in OpenShift Container Platform's distribution of Kibana allows it to be opened in an iframe, enabling an attacker to intercept and manipulate requests. This issue can be exploited to trick a user into performing arbitrary actions in Kibana, such as clickjacking.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improperly Implemented Security Check for Standard

Clickjacking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-358CWE-1021

Related Identifiers

CVE-2020-10743

SUSE-RU-2020:2072-1

SUSE-RU-2020:2161-1

SUSE-RU-2021:0351-1

SUSE-SU-2020:1901-1

SUSE-SU-2021:1962-1

Affected Products

Kibana

CVE-2020-10743

Weakness Enumeration

Related Identifiers

Affected Products

References · 168