CVE-2020-7017

Sažetak

In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map visualization.

Reference

https://www.elastic.co/community/security/
https://discuss.elastic.co/t/elastic-stack-6-8-11-and-7-8-1-security-update/242786
https://www.oracle.com//security-alerts/cpujul2021.html

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:H/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

07-10-2022 - 17:56

Objavljeno

27-07-2020 - 18:15