Lucene search
Redhat.comRH:CVE-2024-23442HistoryJun 20, 2024 - 3:19 a.m.
CVE-2024-23442
2024-06-2003:19:46
redhat.com
access.redhat.com
8
open redirect
kibana
cve-2024-23442
security flaw
malicious url
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
7.1
Confidence
High
EPSS
0.001
Percentile
17.6%
An open redirect flaw was found in Kibana. This issue can lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.
Related
cve
cve
CVE-2024-23442
2024-06-14 15:15:49
osv
osv
BIT-elk-2024-23442
2024-06-18 07:17:33
BIT-kibana-2024-23442
2024-06-18 07:22:49
cvelist
cvelist
CVE-2024-23442 Kibana open redirect issue
2024-06-14 14:26:53
vulnrichment
vulnrichment
CVE-2024-23442 Kibana open redirect issue
2024-06-14 14:26:53
nvd
nvd
CVE-2024-23442
2024-06-14 15:15:49
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
7.1
Confidence
High
EPSS
0.001
Percentile
17.6%
Related for RH:CVE-2024-23442