{"containers": {"cna": {"affected": [{"product": "openshift-logging/console", "vendor": "n/a", "versions": [{"status": "affected", "version": "Versions before elasticsearch-operator-container 4.7"}]}], "descriptions": [{"lang": "en", "value": "The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource. This could lead to an arbitrary URL redirection or the openshift-logging console link damage. This flaw affects elasticsearch-operator-container versions before 4.7."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-601", "description": "CWE-601", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-12-02T00:54:03", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902698"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-27816", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "openshift-logging/console", "version": {"version_data": [{"version_value": "Versions before elasticsearch-operator-container 4.7"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource. This could lead to an arbitrary URL redirection or the openshift-logging console link damage. This flaw affects elasticsearch-operator-container versions before 4.7."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-601"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1902698", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902698"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T16:25:43.531Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902698"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-27816", "datePublished": "2020-12-02T00:54:03", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-08-04T16:25:43.531Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E38198B-89C6-40B0-9A57-667DC30FD67D", "versionEndIncluding": "4.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource. This could lead to an arbitrary URL redirection or the openshift-logging console link damage. This flaw affects elasticsearch-operator-container versions before 4.7."}, {"lang": "es", "value": "Elasticsearch-operator no comprueba el espacio de nombres donde el recurso de registro de kibana es creado y, debido a eso, es posible reemplazar el enlace de la consola de registro de openshift original (consola de kibana) por uno diferente, creado en base al nuevo CR para el nuevo recurso de kibana. Esto podr\u00eda conllevar al redireccionamiento de una URL arbitraria o da\u00f1os en el enlace de la consola de registro de openshift. Este fallo afecta a elasticsearch-operator-container versiones anteriores a 4.7"}], "id": "CVE-2020-27816", "lastModified": "2020-12-04T22:36:24.500", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-12-02T01:15:12.843", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902698"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-601"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Aivaras Laimikis for reporting this issue.", "affected_release": [{"advisory": "RHSA-2021:0310", "cpe": "cpe:/a:redhat:openshift:4.6::el8", "package": "openshift4/ose-elasticsearch-operator:v4.6.0-202101300140.p0", "product_name": "Red Hat OpenShift Container Platform 4.6", "release_date": "2021-02-08T00:00:00Z"}], "bugzilla": {"description": "openshift/elasticsearch-operator: arbitrary URL redirection of the cluster logging kibana console", "id": "1902698", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902698"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "status": "verified"}, "cwe": "CWE-601", "details": ["The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource. This could lead to an arbitrary URL redirection or the openshift-logging console link damage. This flaw affects elasticsearch-operator-container versions before 4.7.", "The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource. This could lead to an arbitrary URL redirection or the openshift cluster logging console link damage."], "name": "CVE-2020-27816", "public_date": "2020-11-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-27816\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-27816"], "threat_severity": "Moderate", "upstream_fix": "elasticsearch-operator-container 4.7"}