Security Advisory

CVE-2016-10364

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-06-16 21:00:00

Last updated 2024-08-06 03:21:50

Assigner elastic

State PUBLISHED

Description

With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions.

← Browse all CVEs View on cve.org ↗