CVE-2020-10743

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-10743
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10743.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-10743
Related
Published
2021-06-02T11:15:07Z
Modified
2024-10-12T05:39:50.701687Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to trick a user into performing arbitrary actions in OCP's distribution of Kibana, such as clickjacking.

References

Affected packages

Git / github.com/elastic/kibana

Affected ranges

Type
GIT
Repo
https://github.com/elastic/kibana
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

v4.*

v4.0.0
v4.0.0-beta1
v4.0.0-beta1.1
v4.0.0-beta2
v4.0.0-beta3
v4.0.0BETA1
v4.1.0
v4.2.0-beta1
v4.6.0
v4.6.1