Oval Definition:	oval:org.opensuse.security:def:202137938
Revision Date: 2022-05-22 Version: 1 Title: CVE-2021-37938 Description: It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files ending in the .pbf extension. Thanks to Dominic Couture for finding this vulnerability. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2021-37938 SUSE CVE-2021-37938 Platform(s): SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis Release Information SUSE OpenStack Cloud 8 is installed OR SUSE OpenStack Cloud Crowbar 8 is installed AND kibana is not affected Definition Synopsis Release Information SUSE OpenStack Cloud 9 is installed OR SUSE OpenStack Cloud Crowbar 9 is installed AND kibana is not affected
BACK