Vulnerability Details CVE-2018-20698
The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.0%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2018-20698
-
cpe:2.3:a:search-guard:search_guard:1
-
cpe:2.3:a:search-guard:search_guard:4.6.0-1
-
cpe:2.3:a:search-guard:search_guard:4.6.0-2
-
cpe:2.3:a:search-guard:search_guard:5.0.2-1
-
cpe:2.3:a:search-guard:search_guard:5.0.2-2
-
cpe:2.3:a:search-guard:search_guard:5.1.1-1
-
cpe:2.3:a:search-guard:search_guard:5.1.1-2
-
cpe:2.3:a:search-guard:search_guard:5.1.2-1
-
cpe:2.3:a:search-guard:search_guard:5.1.2-2
-
cpe:2.3:a:search-guard:search_guard:5.2.0-1
-
cpe:2.3:a:search-guard:search_guard:5.2.0-2
-
cpe:2.3:a:search-guard:search_guard:5.2.0-3
-
cpe:2.3:a:search-guard:search_guard:5.2.1-1
-
cpe:2.3:a:search-guard:search_guard:5.2.1-2
-
cpe:2.3:a:search-guard:search_guard:5.2.1-3
-
cpe:2.3:a:search-guard:search_guard:5.2.2
-
cpe:2.3:a:search-guard:search_guard:5.2.2-1
-
cpe:2.3:a:search-guard:search_guard:5.2.2-2
-
cpe:2.3:a:search-guard:search_guard:5.2.2-3
-
cpe:2.3:a:search-guard:search_guard:5.3.0-1
-
cpe:2.3:a:search-guard:search_guard:5.3.0-2
-
cpe:2.3:a:search-guard:search_guard:5.3.0-3
-
cpe:2.3:a:search-guard:search_guard:5.3.1-2
-
cpe:2.3:a:search-guard:search_guard:5.3.1-3
-
cpe:2.3:a:search-guard:search_guard:5.3.2-2
-
cpe:2.3:a:search-guard:search_guard:5.3.2-3
-
cpe:2.3:a:search-guard:search_guard:5.3.3-3
-
cpe:2.3:a:search-guard:search_guard:5.4.0
-
cpe:2.3:a:search-guard:search_guard:5.4.0-3
-
cpe:2.3:a:search-guard:search_guard:5.4.0-4
-
cpe:2.3:a:search-guard:search_guard:5.4.1-3
-
cpe:2.3:a:search-guard:search_guard:5.4.1-4
-
cpe:2.3:a:search-guard:search_guard:5.4.2-3
-
cpe:2.3:a:search-guard:search_guard:5.4.2-4
-
cpe:2.3:a:search-guard:search_guard:5.4.3
-
cpe:2.3:a:search-guard:search_guard:5.4.3-3
-
cpe:2.3:a:search-guard:search_guard:5.4.3-4
-
cpe:2.3:a:search-guard:search_guard:5.5.0-3
-
cpe:2.3:a:search-guard:search_guard:5.5.0-4
-
cpe:2.3:a:search-guard:search_guard:5.5.1-3
-
cpe:2.3:a:search-guard:search_guard:5.5.1-4
-
cpe:2.3:a:search-guard:search_guard:5.5.2-4
-
cpe:2.3:a:search-guard:search_guard:5.5.3-4
-
cpe:2.3:a:search-guard:search_guard:5.6.0-4
-
cpe:2.3:a:search-guard:search_guard:5.6.0-5
-
cpe:2.3:a:search-guard:search_guard:5.6.2-4
-
cpe:2.3:a:search-guard:search_guard:5.6.2-5
-
cpe:2.3:a:search-guard:search_guard:5.6.3-4
-
cpe:2.3:a:search-guard:search_guard:5.6.3-5
-
cpe:2.3:a:search-guard:search_guard:5.6.4-5
-
cpe:2.3:a:search-guard:search_guard:5.6.5-5
-
cpe:2.3:a:search-guard:search_guard:5.6.6-5
-
cpe:2.3:a:search-guard:search_guard:5.6.7-6
-
cpe:2.3:a:search-guard:search_guard:5.6.8-6
-
cpe:2.3:a:search-guard:search_guard:5.6.8-7
-
cpe:2.3:a:search-guard:search_guard:6.1.0-10
-
cpe:2.3:a:search-guard:search_guard:6.1.0-8
-
cpe:2.3:a:search-guard:search_guard:6.1.1-10
-
cpe:2.3:a:search-guard:search_guard:6.1.1-12
-
cpe:2.3:a:search-guard:search_guard:6.1.1-9
-
cpe:2.3:a:search-guard:search_guard:6.1.2-10
-
cpe:2.3:a:search-guard:search_guard:6.1.2-12
-
cpe:2.3:a:search-guard:search_guard:6.1.2-9
-
cpe:2.3:a:search-guard:search_guard:6.1.3-10
-
cpe:2.3:a:search-guard:search_guard:6.1.3-12
-
cpe:2.3:a:search-guard:search_guard:6.1.3-9
-
cpe:2.3:a:search-guard:search_guard:6.1.4-12
-
cpe:2.3:a:search-guard:search_guard:6.2.1-10
-
cpe:2.3:a:search-guard:search_guard:6.2.1-12
-
cpe:2.3:a:search-guard:search_guard:6.2.1-14
-
cpe:2.3:a:search-guard:search_guard:6.2.1-15
-
cpe:2.3:a:search-guard:search_guard:6.2.2-10
-
cpe:2.3:a:search-guard:search_guard:6.2.2-12
-
cpe:2.3:a:search-guard:search_guard:6.2.2-14
-
cpe:2.3:a:search-guard:search_guard:6.2.2-15
-
cpe:2.3:a:search-guard:search_guard:6.2.3-12
-
cpe:2.3:a:search-guard:search_guard:6.2.3-14
-
cpe:2.3:a:search-guard:search_guard:6.2.3-15
-
cpe:2.3:a:search-guard:search_guard:6.2.4-14
-
cpe:2.3:a:search-guard:search_guard:6.2.4-15
-
cpe:2.3:a:search-guard:search_guard:6.3.0-14