Kibana Security Vulnerabilities and Issues — Kibana CVE List

Lucene search

ElasticsearchKibana

3 matches found

CVE•added 2020/07/27 6:15 p.m.•86 views

CVE-2020-7016

Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana user can lead to the Kibana process consuming large amounts of CPU and becoming unresponsive.

4.8CVSS5.4AI score0.00377EPSS

CVE•added 2020/07/27 6:15 p.m.•82 views

CVE-2020-7017

In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map visualizati...

6.7CVSS6.1AI score0.00919EPSS

CVE•added 2017/09/29 1:34 a.m.•66 views

CVE-2017-11479

Kibana versions prior to 5.6.1 had a cross-site scripting (XSS) vulnerability in Timelion that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.

6.1CVSS5.9AI score0.00389EPSS