Kibana Open Redirect Vulnerability Could Lead to Arbitrary Website Redirection
CVE-2024-23442
6.1MEDIUM
Summary
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.
Affected Version(s)
Kibana 8.11.1 <= 8.13.4
Kibana 7.17.21
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved