Lucene search
ElasticCVELIST:CVE-2018-17245HistoryDec 20, 2018 - 10:00 p.m.
CVE-2018-17245
2018-12-2022:00:00
CWE-201
elastic
www.cve.org
4
Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an error in the way authorization credentials are used when generating PDF reports. If a report requests external resources plaintext credentials are included in the HTTP request that could be recovered by an external resource provider.
CNA Affected
[
{
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2"
}
]
}
]Related
nvd
nvd
CVE-2018-17245
2018-12-20 22:29:00
veracode
veracode
Information Disclosure
2018-11-08 02:25:29
cve
cve
CVE-2018-17245
2018-12-20 22:29:00
redhatcve
redhatcve
CVE-2018-17245
2018-11-07 09:49:42
prion
prion
Authorization
2018-12-20 22:29:00
openvas
openvas
osv
osv
CVE-2018-17245
2018-12-20 22:29:00
nessus
nessus
Kibana ESA-2018-17
2018-12-05 00:00:00
Photon OS 1.0: Kibana PHSA-2019-1.0-0209
2020-01-28 00:00:00
Photon OS 3.0: Kibana PHSA-2019-3.0-0002
2024-07-22 00:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-2.0-0132
2019-02-21 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-1.0-0209
2019-02-20 00:00:00
Critical Photon OS Security Update - PHSA-2019-0132
2019-02-21 00:00:00