← Retour aux CVEs
CVE-2016-10364
N/ADescription
With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions.
Details CVE
Score CVSS v3.1N/A
Publie6/16/2017
Derniere modification4/20/2025
Sourcenvd
Observations honeypot0
Produits affectes
elastic:kibana
Faiblesses (CWE)
CWE-306CWE-264
References
https://www.elastic.co/community/security(security@elastic.co)
https://www.elastic.co/community/security(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.