Kibana 8.14.0/7.17.22 Security Update (ESA-2024-10)

Kibana open redirect issue (ESA-2024-10).

An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.

Affected Versions:
Kibana Versions before 7.17.22 and before 8.14.0.

Solutions and Mitigations:
The issue is resolved in versions 7.17.22 and 8.14.0.

Severity: CVSSv3: 6.1(Medium) - AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVE ID: CVE-2024-23442