CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-12556

Prototype Pollution in Kibana can lead to code injection via unrestricted file upload combined with path traversal.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.3%

CVSS Severity

CVSS v3 Score 8.7

References

https://discuss.elastic.co/t/kibana-8-16-4-and-8-17-2-security-update-esa-2025-02/376918

Products affected by CVE-2024-12556

Elastic » Kibana » Version: 8.16.1

cpe:2.3:a:elastic:kibana:8.16.1
Elastic » Kibana » Version: 8.16.2

cpe:2.3:a:elastic:kibana:8.16.2
Elastic » Kibana » Version: 8.16.3

cpe:2.3:a:elastic:kibana:8.16.3
Elastic » Kibana » Version: 8.17.0

cpe:2.3:a:elastic:kibana:8.17.0
Elastic » Kibana » Version: 8.17.1

cpe:2.3:a:elastic:kibana:8.17.1

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved