BugTraq
Back to list
|
Post reply
CVE-2015-8131: Kibana CSRF vulnerability
Nov 18 2015 10:40PM
Kevin Kluge (kevin elastic co)
Description:
Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a CSRF attack.
We have been assigned CVE 2015-8131for this issue.
CVSS Score: 4.0
Remediation:
We recommend that all Kibana users upgrade to either 4.1.3, 4.2.1, or a later version.
Confirmation:
We have published a vulnerability summary at https://www.elastic.co/community/security.
We have also made a blog post about the issue and releases at https://www.elastic.co/blog/kibana-4-2-1-and-4-1-3.
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a CSRF attack.
We have been assigned CVE 2015-8131for this issue.
CVSS Score: 4.0
Remediation:
We recommend that all Kibana users upgrade to either 4.1.3, 4.2.1, or a later version.
Confirmation:
We have published a vulnerability summary at https://www.elastic.co/community/security.
We have also made a blog post about the issue and releases at https://www.elastic.co/blog/kibana-4-2-1-and-4-1-3.
[ reply ]