CVE-2019-13422

Summary

Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to a potentially malicious site upon Kibana login.

Affected Software

VendorProductVersion RangeStatus
floragunnSearch Guard Kibana Pluginunspecified < 5.6.8-7affected
floragunnSearch Guard Kibana Pluginunspecified < 6.x.y-12affected

Weaknesses

  • CWE-601: CWE-601: URL Redirection to Untrusted Site
  • CWE-79: CWE-79: Improper Neutralization of Input During Web Page Generation

ADP Enrichment

CVE Program Container

Additional References

References