Lucene search
Veracode Vulnerability DatabaseVERACODE:20934HistoryJul 31, 2019 - 6:36 a.m.
Cross-Site Request Forgery (CSRF)
2019-07-3106:36:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
28.4%
Kibana is vulnerable to Cross-Site Request Forgery. There is no restriction in graphite.url configuration. Thus, an attacker with administrative Kibana access could set the timelion:graphite.url configuration option to an arbitrary URL, possibly leading to an attacker accessing external URL resources as the Kibana process on the host system.
Related
checkpoint_advisories
checkpoint_advisories
Kibana Elasticsearch Server Side Request Forgery (CVE-2019-7616)
2020-06-23 00:00:00
prion
prion
Server side request forgery (ssrf)
2019-07-30 22:15:00
githubexploit
githubexploit
Exploit for Server-Side Request Forgery in Elastic Kibana
2020-06-02 07:28:13
nvd
nvd
CVE-2019-7616
2019-07-30 22:15:12
kitploit
kitploit
Spyse: All-In-One Cybersecurity Search Engine
2020-06-26 04:33:00
redhatcve
redhatcve
CVE-2019-7616
2019-08-30 01:28:58
osv
osv
CVE-2019-7616
2019-07-30 22:15:12
cvelist
cvelist
CVE-2019-7616
2019-07-30 21:15:47
cve
cve
CVE-2019-7616
2019-07-30 22:15:12
nessus
nessus
Photon OS 3.0: Kibana PHSA-2020-3.0-0088
2020-05-13 00:00:00
Kibana < 6.8.2 Multiple Vulnerabilities
2020-03-05 00:00:00
Kibana 7.x < 7.2.1 Multiple Vulnerabilities
2020-03-05 00:00:00
openvas
openvas
photon
photon
Important Photon OS Security Update - PHSA-2020-0088
2020-05-10 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0088
2020-05-10 00:00:00
Important Photon OS Security Update - PHSA-2020-0253
2020-06-13 00:00:00