PT-2022-9231 · Elastic · Kibana

Published

2021-11-19

Updated

2022-11-22

CVE-2021-22141

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Kibana versions prior to 7.13.0 Kibana versions prior to 6.8.16

Description An open redirect flaw was found that could result in Kibana redirecting a logged-in user to an arbitrary website if they visit a maliciously crafted URL.

Recommendations For versions prior to 7.13.0, update to version 7.13.0 or later. For versions prior to 6.8.16, update to version 6.8.16 or later.

Fix

Open Redirect

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-601

Related Identifiers

CVE-2021-22141

SUSE-SU-2021:3729-1

SUSE-SU-2022:1654-1

Affected Products

Kibana

PT-2022-9231 · Elastic · Kibana

CVE-2021-22141

Weakness Enumeration

Related Identifiers

Affected Products

References · 20