Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_113534HistoryJan 11, 2023 - 12:00 a.m.
Kibana < 7.8.1 Multiples Vulnerabilities
2023-01-1100:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5
According to its self-reported version number, the Kibana application running on the remote host is prior to 7.8.1. It is, therefore, affected by :
-
A Regular Expression Denial Of Service flaw in Timelion (CVE-2020-7016)
-
A Cross-Site Scripting in region map visualization (CVE-2020-7017)
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source data| Vendor | Product | Version | CPE |
|---|---|---|---|
| elasticsearch | kibana | * | cpe:2.3:a:elasticsearch:kibana:*:*:*:*:*:*:*:* |
Related
nessus
nessus
Photon OS 1.0: Kibana PHSA-2020-1.0-0321
2020-10-21 00:00:00
Photon OS 2.0: Kibana PHSA-2020-2.0-0281
2020-09-21 00:00:00
Photon OS 3.0: Kibana PHSA-2020-3.0-0135
2020-09-08 00:00:00
openvas
openvas
Elastic Kibana < 6.8.11, 7.x < 7.8.1 Multiple Vulnerabilities - Windows
2020-08-03 00:00:00
Elastic Kibana < 6.8.11, 7.x < 7.8.1 Multiple Vulnerabilities - Linux
2020-08-03 00:00:00
ibm
ibm
photon
photon
osv
osv
CVE-2020-7016
2020-07-27 18:15:14
BIT-elk-2020-7016
2024-03-06 10:51:48
CVE-2020-7017
2020-07-27 18:15:14
cve
cve
CVE-2020-7016
2020-07-27 18:15:00
CVE-2020-7017
2020-07-27 18:15:00
veracode
veracode
Cross-site Scripting (XSS)
2020-07-28 04:58:39
Denial Of Service (DoS)
2020-07-28 04:20:54
redhatcve
redhatcve
CVE-2020-7016
2020-08-04 05:13:18
CVE-2020-7017
2020-08-04 05:13:19
prion
prion
Cross site scripting
2020-07-27 18:15:00
Design/Logic Flaw
2020-07-27 18:15:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Related for WEB_APPLICATION_SCANNING_113534