Elastic Kibana 6.8.15

CPE Details

Elastic Kibana 6.8.15
elastic
kibana
6.8.15
2021-05-20
07h53 +00:00
2021-05-24
17h55 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:elastic:kibana:6.8.15:*:*:*:*:*:*:*

Informations

Vendor

elastic

Product

kibana

Version

6.8.15

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-23442 2024-06-14 14h26 +00:00 An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.
6.1
Medium
CVE-2021-22141 2022-11-17 23h00 +00:00 An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16. If a logged in user visits a maliciously crafted URL, it could result in Kibana redirecting the user to an arbitrary website.
6.1
Medium
CVE-2021-37936 2022-11-17 23h00 +00:00 It was discovered that Kibana was not sanitizing document fields containing HTML snippets. Using this vulnerability, an attacker with the ability to write documents to an elasticsearch index could inject HTML. When the Discover app highlighted a search term containing the HTML, it would be rendered for the user.
5.4
Medium
CVE-2021-22139 2021-05-13 15h35 +00:00 Kibana versions before 7.12.1 contain a denial of service vulnerability was found in the webhook actions due to a lack of timeout or a limit on the request size. An attacker with permissions to create webhook actions could drain the Kibana host connection pool, making Kibana unavailable for all other users.
6.5
Medium