HomePentest-Tools.com Logo

Elastic Kibana < 6.8.10, 7.x < 7.7.1 XSS Vulnerability (Windows) CVE-2020-7015

Severity
CVSSv3 Score
5.4
Vulnerability description

Kibana is prone to a cross-site scripting vulnerability in the TSVB visualization.

Risk description

An attacker who is able to edit or create a TSVB visualization could allow the attacker to obtain sensitive information from, or perform destructive actions, on behalf of Kibana users who edit the TSVB visualization.

Recommendation

Update to version 6.8.10, 7.7.1 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 3, 2020
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available