CVE-2016-10364

Published: 2017-06-16T21:29Z

Last Modified: 2024-11-21T02:43Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt