18 Nov 2021
Vulnérabilité CVE-2021-37938 CVE Vulnerability
It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files ending in the .pbf extension. Thanks to Dominic Couture for finding this vulnerability. (CVSS:4.0) (Last Update:2021-11-23)
Vulnerability Details : It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files ending in the .pbf extension. Thanks to Dominic Couture for finding this vulnerability. Publish Date : 2021-11-18 Last Update Date : 2021-11-23 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2021-37938
- Number Of Affected Versions By Product
- References For CVE-2021-37938
| |||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2021-37938There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |