CVE-2017-8451

6.1MEDIUM

Key Information:

Vendor: Elastic
Status: Elastic X-pack Security
Vendor: CVE Published:; 16 June 2017

Summary

With X-Pack installed, Kibana versions before 5.3.1 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.

Affected Version(s)

Elastic X-Pack Security before 5.3.1

References

https://www.elastic.co/community/security

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jun 16, 2017
Vulnerability Reserved
May 2, 2017