CVE-2017-8443 in X-Pack Securityinfo

Zusammenfassung

von MITRE

In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user opens a crafted Kibana URL the result could be a redirect to an improperly initialized Kibana login screen. If the user enters credentials on this screen, the credentials will appear in the URL bar. The credentials could then be viewed by untrusted parties or logged into the Kibana access logs.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

02.05.2017

Veröffentlichung

30.06.2017

Moderieren

akzeptiert

Eintrag

VDB-102978

CPE

bereit

CWE

CWE-200 (bestätigt)

CVSS

6.5 (NVD)

EPSS

0.00353

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-8443
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-8443
CVE Details	https://www.cvedetails.com/cve/CVE-2017-8443/

◂ Zurück Übersicht Weiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!