Vulnerability   
Search   
    Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2020-7012
Description:Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. An authenticated attacker with privileges to write to the Kibana index could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system.
Test IDs: 1.3.6.1.4.1.25623.1.0.144080   1.3.6.1.4.1.25623.1.0.144081  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2020-7012
https://www.elastic.co/community/security/




© 1998-2020 E-Soft Inc. All rights reserved.