CVE-2020-27816Open Redirect in Kibana

CWE-601Open Redirect3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
0.2%
top 62.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Elastic KibanaOpenshift-logging ConsoleRedhat Openshift Container Platform
Timeline
PublishedDec 2

Description

The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource. This could lead to an arbitrary URL redirection or the openshift-logging console link damage. This flaw affects elasticsearch-operator-container versions before 4.7.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

CVEListV5openshift-logging/consoleVersions before elasticsearch-operator-container 4.7

Also affects: Openshift Container Platform 4.0

🔴Vulnerability Details

1
CVEList
CVE-2020-27816: The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the orig2020-12-02

📋Vendor Advisories

1
Red Hat
openshift/elasticsearch-operator: arbitrary URL redirection of the cluster logging kibana console2020-11-19
CVE-2020-27816 — Open Redirect in Elastic Kibana | cvebase