Lucene search
K

6 matches found

CVE
CVE
added 2023/11/22 12:36 a.m.71 views

CVE-2021-22151

CVE-2021-22151 (Kibana path traversal) : The Kibana vulnerability arises from not validating a user-supplied path, allowing an attacker to traverse the Kibana host and load internal files ending in the .pbf extension. Public references describe this as a path-traversal flaw that can disclose inte...

4.3CVSS4.1AI score0.00704EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.61 views

Kibana 7.10.2 < 7.14.1 Code Execution

According to its self-reported version number, the Kibana application running on the remote host is prior to 7.14.1. It is, therefore, affected by : - A code execution vulnerability due to an older version of js-yaml CVE-2021-22150 - An HTML Injection due to a lack of sanitization of document...

7.2CVSS5.4AI score0.01154EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.50 views

Kibana 7.9.0 < 7.14.1 Path Traversal

According to its self-reported version number, the Kibana application running on the remote host is prior to 7.14.1. It is, therefore, affected by : - A code execution vulnerability due to an older version of js-yaml CVE-2021-22150 - An HTML Injection due to a lack of sanitization of document...

7.2CVSS5.4AI score0.01154EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.50 views

Kibana 7.14.0 HTML Injection

According to its self-reported version number, the Kibana application running on the remote host is prior to 7.14.1. It is, therefore, affected by : - A code execution vulnerability due to an older version of js-yaml CVE-2021-22150 - An HTML Injection due to a lack of sanitization of document...

7.2CVSS5.4AI score0.01154EPSS
Exploits0References5
Hacker One
Hacker One
added 2021/09/28 12:50 p.m.85 views

Elastic: Fix for CVE-2021-22151 (Kibana path traversal issue) can be bypassed on Windows

Summary Hello team, I hope you're doing well! I was combing through your GitHub repository to look at the fixes for recent security releases and found the fix for CVE-2021-22151 to be incomplete. The current fix makes assumptions that are true on Linux but that don't hold on Windows. Details The...

5.7AI score0.00704EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/09/27 12:0 a.m.22 views

Elastic Kibana Path Traversal Vulnerability (ESA-2021-22)

Elastic Kibana is prone to a path traversal vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elastic:kibana";...

4.3CVSS4.9AI score0.00704EPSS
Exploits0References1
Rows per page
Query Builder