Medium severity6.5NVD Advisory· Published Jun 30, 2017· Updated Jun 17, 2026
CVE-2017-8443
CVE-2017-8443
Description
In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user opens a crafted Kibana URL the result could be a redirect to an improperly initialized Kibana login screen. If the user enters credentials on this screen, the credentials will appear in the URL bar. The credentials could then be viewed by untrusted parties or logged into the Kibana access logs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: before 5.4.3
Patches
Vulnerability mechanics
References
1- www.elastic.co/community/securitynvdVendor Advisory
News mentions
0No linked articles in our index yet.