CVE-2017-8451

Summary

With X-Pack installed, Kibana versions before 5.3.1 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.

Affected Software

VendorProductVersion RangeStatus
ElasticElastic X-Pack Securitybefore 5.3.1affected

Weaknesses

  • CWE-601: CWE-601: URL Redirection to Untrusted Site

ADP Enrichment

CVE Program Container

Additional References

References