Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elastic kibana vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-3820
Kibana versions after 6.1.0 and prior to 6.1.3 had a cross-site scripting (XSS) vulnerability in labs visualizations that could allow an malicious user to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Elastic Kibana
383
VMScore
CVE-2018-3821
Kibana versions after 5.1.1 and prior to 5.6.7 and 6.1.3 had a cross-site scripting (XSS) vulnerability in the tag cloud visualization that could allow an malicious user to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Elastic Kibana
383
VMScore
CVE-2017-11481
Kibana versions before 6.0.1 and 5.6.5 had a cross-site scripting (XSS) vulnerability via URL fields that could allow an malicious user to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Elastic Kibana 6.0.0
Elastic Kibana 5.6.1
Elastic Kibana 5.6.2
Elastic Kibana 5.6.3
Elastic Kibana 5.6.4
Elastic Kibana 5.6.0
383
VMScore
CVE-2017-11479
Kibana versions before 5.6.1 had a cross-site scripting (XSS) vulnerability in Timelion that could allow an malicious user to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Elastic Kibana 5.3.2
Elastic Kibana 5.3.1
Elastic Kibana 5.3.0
Elastic Kibana 5.2.2
Elastic Kibana 5.5.3
Elastic Kibana 5.5.2
Elastic Kibana 5.5.1
Elastic Kibana 5.5.0
Elastic Kibana 5.4.3
Elasticsearch Kibana 5.1.0
Elastic Kibana 5.0.2
Elastic Kibana 5.0.1
Elastic Kibana 5.0.0
Elastic Kibana 5.4.2
Elastic Kibana 5.4.0
Elastic Kibana 5.2.0
Elastic Kibana 5.1.1
Elastic Kibana 5.6.0
Elastic Kibana 5.4.1
Elastic Kibana 5.3.3
Elastic Kibana 5.2.1
Elastic Kibana 5.1.2
383
VMScore
CVE-2017-8443
In Kibana X-Pack security versions before 5.4.3 if a Kibana user opens a crafted Kibana URL the result could be a redirect to an improperly initialized Kibana login screen. If the user enters credentials on this screen, the credentials will appear in the URL bar. The credentials ...
Elastic Kibana
383
VMScore
CVE-2015-9056
Kibana versions before 4.1.3 and 4.2.1 are vulnerable to a XSS attack.
Elastic Kibana
Elastic Kibana 4.2.0
383
VMScore
CVE-2016-10366
Kibana versions after and including 4.3 and prior to 4.6.2 are vulnerable to a cross-site scripting (XSS) attack.
Elastic Kibana 4.4.0
Elastic Kibana 4.5.2
Elastic Kibana 4.3.1
Elastic Kibana 4.3.3
Elastic Kibana 4.5.4
Elastic Kibana 4.5.0
Elastic Kibana 4.6.1
Elastic Kibana 4.6.0
Elastic Kibana 4.4.1
Elastic Kibana 4.4.2
Elastic Kibana 4.5.1
Elastic Kibana 4.5.3
Elastic Kibana 4.3.0
Elastic Kibana 4.3.2
383
VMScore
CVE-2017-8439
Kibana version 5.4.0 was affected by a Cross Site Scripting (XSS) bug in the Time Series Visual Builder. This bug could allow an malicious user to obtain sensitive information from Kibana users.
Elastic Kibana 5.4.0
383
VMScore
CVE-2017-8440
Starting in version 5.3.0, Kibana had a cross-site scripting (XSS) vulnerability in the Discover page that could allow an malicious user to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Elastic Kibana 5.3.2
Elastic Kibana 5.3.1
Elastic Kibana 5.3.0
Elastic Kibana 5.4.0
357
VMScore
CVE-2022-23709
A flaw exists in Kibana in which users with Read access to the Uptime feature could modify alerting rules. A user with this privilege would be able to create new alerting rules or overwrite existing ones. However, any new or modified rules would not be enabled, and a user with th...
Elastic Kibana
Elastic Kibana 8.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »