CVE-2024-23442

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jun 14, 2024

Updated: Aug 7, 2024

CWE ID 601

Summary

CVE-2024-23442 is a recently disclosed vulnerability affecting Kibana, an open-source data visualization and search engine. This issue involves an open redirect vulnerability, which means that a maliciously crafted Kibana URL could redirect users to an arbitrary website of the attacker's choice. This can lead to potential phishing attacks, session hijacking, or other security risks. Users are advised to update their Kibana installations to the latest version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Elastic Kibana

Affected Vendors

Elastic

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/weGdD1
https://www.cve.org/CVERecord?id=CVE-2024-23442
https://nvd.nist.gov/vuln/detail/CVE-2024-23442

Back to Vulnerability Database