Kibana@5.4.0 Security Vulnerabilities and Issues — Kibana@5.4.0 CVE List

Lucene search

ElasticKibana5.4.0

3 matches found

CVE•added 2017/09/29 1:34 a.m.•66 views

CVE-2017-11479

Kibana versions prior to 5.6.1 had a cross-site scripting (XSS) vulnerability in Timelion that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.

6.1CVSS5.9AI score0.00389EPSS

CVE•added 2017/06/05 2:29 p.m.•59 views

CVE-2017-8439

Kibana version 5.4.0 was affected by a Cross Site Scripting (XSS) bug in the Time Series Visual Builder. This bug could allow an attacker to obtain sensitive information from Kibana users.

6.1CVSS5.7AI score0.00335EPSS

CVE•added 2017/06/05 2:29 p.m.•49 views

CVE-2017-8440

Starting in version 5.3.0, Kibana had a cross-site scripting (XSS) vulnerability in the Discover page that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.

6.1CVSS6AI score0.00335EPSS