CVE-2024-23442
An open redirect issue was discovered in Kibana that could
Description
Description
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Affected Vendors & Products
| Vendor | Product | Version |
|---|---|---|
| elastic | kibana | to 7.17.22 (exc) |
| elastic | kibana | From 8.0.0 (inc) to 8.14.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
Attack-Flow Graph
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart
Meta Information
CVE Publication Date:
2024-06-14
CVE Last Modified Date:
2024-11-21
Report Generation Date:
2025-11-02
EPSS Last Evaluated Date:
2025-08-20
NVD Report Link: