Lucene search
Veracode Vulnerability DatabaseVERACODE:7698HistoryNov 08, 2018 - 2:25 a.m.
Information Disclosure
2018-11-0802:25:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.002 Low
EPSS
Percentile
64.8%
kibana is vulnerable to information disclosure attacks. The vulnerability exists as plaintext credentials are being sent in the HTTP request during the PDF generation process, allowing an external resource provider to view the credentials.
References
discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594
github.com/elastic/kibana/commit/7bac28be6bccbcd3eaace34a60011eb49b96d07e
github.com/elastic/kibana/commit/9f4ec18000a74e269276ff943979799ccbd4d950
github.com/elastic/kibana/pull/24177
github.com/elastic/kibana/pull/24236
www.elastic.co/community/security
Related
cvelist
cvelist
CVE-2018-17245
2018-12-20 22:00:00
cve
cve
CVE-2018-17245
2018-12-20 22:29:00
redhatcve
redhatcve
CVE-2018-17245
2018-11-07 09:49:42
nvd
nvd
CVE-2018-17245
2018-12-20 22:29:00
openvas
openvas
prion
prion
Authorization
2018-12-20 22:29:00
osv
osv
CVE-2018-17245
2018-12-20 22:29:00
nessus
nessus
Kibana ESA-2018-17
2018-12-05 00:00:00
Photon OS 1.0: Kibana PHSA-2019-1.0-0209
2020-01-28 00:00:00
Photon OS 2.0: Kibana PHSA-2019-2.0-0132
2019-03-18 00:00:00
photon
photon