|Category:||Web application abuses|
|Title:||Elasticsearch Kibana 'CVE-2018-3831' Information Disclosure Vulnerability (Windows)|
|Summary:||Kibana is prone to an Information Disclosure Vulnerability.|
Kibana is prone to an Information Disclosure Vulnerability.
The _cluster/settings API, when queried, could leak sensitive configuration information
such as passwords, tokens or usernames.
Successful exploitation would allow an authenticated attacker to acquire valid login credentials.
Kibana versions s through 5.6.11 and 6.0.0 through 6.4.0.
Update to version 5.6.12 or 6.4.1 respectively.
Common Vulnerability Exposure (CVE) ID: CVE-2018-3831|
|Copyright||Copyright (C) 2018 Greenbone Networks GmbH|
|This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.