SecuritySpace - CVE-2020-7012

Anfälligkeitssuche		Suche in 191973 CVE Beschreibungen und 86218 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

CVE Kennung: CVE-2020-7012

Beschreibung: Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. An authenticated attacker with privileges to write to the Kibana index could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system.

Test Kennungen: 1.3.6.1.4.1.25623.1.0.144080 1.3.6.1.4.1.25623.1.0.144081

Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2020-7012
https://www.elastic.co/community/security/

CVE Kennung:	CVE-2020-7012
Beschreibung:	Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. An authenticated attacker with privileges to write to the Kibana index could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system.
Test Kennungen:	1.3.6.1.4.1.25623.1.0.144080 1.3.6.1.4.1.25623.1.0.144081
Querverweise:	Common Vulnerability Exposure (CVE) ID: CVE-2020-7012 https://www.elastic.co/community/security/