Lucene search
GoogleOSV:BIT-ELK-2024-23442HistoryJun 18, 2024 - 7:17 a.m.
BIT-elk-2024-23442
2024-06-1807:17:33
Google
osv.dev
8
kibana
open redirect
security issue
arbitrary website
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
17.6%
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.
Related
cve
cve
CVE-2024-23442
2024-06-14 15:15:49
cvelist
cvelist
CVE-2024-23442 Kibana open redirect issue
2024-06-14 14:26:53
vulnrichment
vulnrichment
CVE-2024-23442 Kibana open redirect issue
2024-06-14 14:26:53
osv
osv
BIT-kibana-2024-23442
2024-06-18 07:22:49
nvd
nvd
CVE-2024-23442
2024-06-14 15:15:49
redhatcve
redhatcve
CVE-2024-23442
2024-06-20 03:19:46
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
17.6%
Related for OSV:BIT-ELK-2024-23442