CVE-2019-7608

EPSS 1.3%CWE-79

Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.

Produtos afetados

Elastic · Kibana

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://access.redhat.com/errata/RHBA-2019:2824 https://access.redhat.com/errata/RHSA-2019:2860 https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077 https://www.elastic.co/community/security