Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_113532HistoryJan 11, 2023 - 12:00 a.m.
Kibana 7.8.0 < 7.15.2 Multiple Vulnerabilities
2023-01-1100:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
21
kibana vulnerabilities scanner data security
0.001 Low
EPSS
Percentile
27.0%
According to its self-reported version number, the Kibana application running on the remote host is 7.8.0 prior to 7.15.2. It is, therefore, affected by :
-
Path Traversal on Windows operating systems specifically (CVE-2021-37938)
-
Information Disclosure in Kibanaβs JIRA connector & IBM Resilient connector (CVE-2021-37939)
Note that the scanner has not tested for these issues but has instead relied only on the applicationβs self-reported version number.
No source data| Vendor | Product | Version | CPE |
|---|---|---|---|
| elasticsearch | kibana | * | cpe:2.3:a:elasticsearch:kibana:*:*:*:*:*:*:*:* |
Related
osv
osv
CVE-2021-37938
2021-11-18 16:15:08
CVE-2021-37939
2021-11-18 16:15:08
Kibana Sensitive Data Disclosure
2022-05-24 22:28:42
prion
prion
Design/Logic Flaw
2021-11-18 16:15:00
Design/Logic Flaw
2021-11-18 16:15:00
cve
cve
CVE-2021-37938
2021-11-18 16:15:08
CVE-2021-37939
2021-11-18 16:15:08
redhatcve
redhatcve
CVE-2021-37939
2021-11-29 05:42:48
openvas
openvas
Elastic Kibana Directory Traversal Vulnerability (ESA-2021-26)
2021-11-17 00:00:00
Elastic Kibana Information Disclosure Vulnerability (ESA-2021-27)
2021-11-17 00:00:00
nvd
nvd
CVE-2021-37938
2021-11-18 16:15:08
CVE-2021-37939
2021-11-18 16:15:08
cvelist
cvelist
CVE-2021-37938
2021-11-18 15:06:45
CVE-2021-37939
2021-11-18 15:09:27
github
github
Kibana Sensitive Data Disclosure
2022-05-24 22:28:42