Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Kibana privilege escalation via reporting_user role
Vulnerability Description
Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting_user role which incorrectly has the ability to access all Kibana Spaces.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
授权机制不正确
Vulnerability Title
Elastic Kibana 安全漏洞
Vulnerability Description
Elastic Kibana是Elastic公司的一个可用数据可视化仪表板软件。 Elastic Kibana存在安全漏洞,该漏洞源于内置reporting_user角色授权不当,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A