Anfälligkeitssuche        Suche in 191973 CVE Beschreibungen
und 86218 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

CVE Kennung:CVE-2020-7012
Beschreibung:Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. An authenticated attacker with privileges to write to the Kibana index could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system.
Test Kennungen: 1.3.6.1.4.1.25623.1.0.144080   1.3.6.1.4.1.25623.1.0.144081  
Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2020-7012
https://www.elastic.co/community/security/




© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.