Medium severity6.5NVD Advisory· Published Jun 16, 2017· Updated Jun 17, 2026
CVE-2016-10364
CVE-2016-10364
Description
With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: before 5.0.2
Patches
Vulnerability mechanics
References
1- www.elastic.co/community/securitynvdVendor Advisory
News mentions
0No linked articles in our index yet.