6 matches found
Security Bulletin: IBM Cloud Private is vulnerable to Elastic Kibana vulnerabilities (CVE-2020-7016,CVE-2020-7017 )
Summary IBM Cloud Private is vulnerable to Elastic Kibana vulnerabilities Vulnerability Details CVEID: CVE-2020-7016 DESCRIPTION: Elastic Kibana is vulnerable to a denial of service, caused by a vulnerability in Timelion. By persuading a victim to visit a specially crafted URL, a remote attacker...
Photon OS 1.0: Kibana PHSA-2020-1.0-0321
An update of the kibana package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0321. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid14163...
Photon OS 3.0: Kibana PHSA-2020-3.0-0135
An update of the kibana package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0135. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid140411;...
Elastic Kibana < 6.8.11, 7.x < 7.8.1 Multiple Vulnerabilities - Linux
Kibana is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elastic:kibana"; ifdescription...
Elastic Kibana < 6.8.11, 7.x < 7.8.1 Multiple Vulnerabilities - Windows
Kibana is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elastic:kibana"; ifdescription...
CVE-2020-7016
CVE-2020-7016 affects Kibana versions before 6.8.11 and before 7.8.1, where a Timelion-related DoS allows an unauthenticated or minimal-auth user to trigger a crafted URL that can cause Kibana to consume excessive CPU and become unresponsive. This is supported by multiple sources (OSV and Nessus ...