HomePentest-Tools.com Logo

Elastic Kibana X-Pack CVE-2018-3819 Open Redirect Vulnerability - Windows

Severity
CVSSv3 Score
6.1
Vulnerability description

Elastic Kibana with X-Pack is prone to an open redirect vulnerability.

Risk description

The fix in Kibana for ESA-2017-23 was incomplete. With X-Pack security enabled, Kibana versions before 5.6.7 and 6.x before 6.1.3 have an open redirect vulnerability on the login page. This vulnerability enables an attacker to craft a link that redirects to an arbitrary website.

Recommendation

Update to 6.1.3 or 5.6.7.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 30, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available