Описание
An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to crash by sending a large number of maliciously crafted requests to a specific endpoint.
Ссылки
- Issue TrackingPatchVendor Advisory
- Issue TrackingPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 7.0.0 (включая) до 7.17.23 (исключая)Версия от 8.0.0 (включая) до 8.14.0 (исключая)
Одно из
cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00389
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-400
Связанные уязвимости
CVSS3: 6.5
debian
больше 1 года назад
An issue was discovered in Kibana where a user with Viewer role could ...
CVSS3: 6.5
github
больше 1 года назад
An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to crash by sending a large number of maliciously crafted requests to a specific endpoint.
EPSS
Процентиль: 59%
0.00389
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-400