Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elastic kibana vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2017-11482
The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions prior to 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an malicious user to craft a link that redirects to an arbitrary website.
Elastic Kibana 5.6.0
Elastic Kibana 5.6.2
Elastic Kibana 5.6.4
Elastic Kibana 6.0.0
Elastic Kibana 5.6.1
Elastic Kibana 5.6.3
383
VMScore
CVE-2017-11479
Kibana versions before 5.6.1 had a cross-site scripting (XSS) vulnerability in Timelion that could allow an malicious user to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Elastic Kibana 5.3.2
Elastic Kibana 5.3.1
Elastic Kibana 5.3.0
Elastic Kibana 5.2.2
Elastic Kibana 5.5.3
Elastic Kibana 5.5.2
Elastic Kibana 5.5.1
Elastic Kibana 5.5.0
Elastic Kibana 5.4.3
Elasticsearch Kibana 5.1.0
Elastic Kibana 5.0.2
Elastic Kibana 5.0.1
Elastic Kibana 5.0.0
Elastic Kibana 5.4.2
Elastic Kibana 5.4.0
Elastic Kibana 5.2.0
Elastic Kibana 5.1.1
Elastic Kibana 5.6.0
Elastic Kibana 5.4.1
Elastic Kibana 5.3.3
Elastic Kibana 5.2.1
Elastic Kibana 5.1.2
383
VMScore
CVE-2017-8443
In Kibana X-Pack security versions before 5.4.3 if a Kibana user opens a crafted Kibana URL the result could be a redirect to an improperly initialized Kibana login screen. If the user enters credentials on this screen, the credentials will appear in the URL bar. The credentials ...
Elastic Kibana
383
VMScore
CVE-2015-9056
Kibana versions before 4.1.3 and 4.2.1 are vulnerable to a XSS attack.
Elastic Kibana
Elastic Kibana 4.2.0
605
VMScore
CVE-2016-1000218
Kibana Reporting plugin version 2.4.0 is vulnerable to a CSRF vulnerability that could allow an malicious user to generate superfluous reports whenever an authenticated Kibana user navigates to a specially-crafted page.
Elastic Kibana Reporting 2.4.0
516
VMScore
CVE-2017-8451
With X-Pack installed, Kibana versions prior to 5.3.1 have an open redirect vulnerability on the login page that would enable an malicious user to craft a link that redirects to an arbitrary website.
Elastic Kibana
445
VMScore
CVE-2017-8452
Kibana versions before 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.
Elastic Kibana
356
VMScore
CVE-2016-10364
With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions.
Elastic Kibana 5.0.1
Elastic Kibana 5.0.0
383
VMScore
CVE-2016-10366
Kibana versions after and including 4.3 and prior to 4.6.2 are vulnerable to a cross-site scripting (XSS) attack.
Elastic Kibana 4.4.0
Elastic Kibana 4.5.2
Elastic Kibana 4.3.1
Elastic Kibana 4.3.3
Elastic Kibana 4.5.4
Elastic Kibana 4.5.0
Elastic Kibana 4.6.1
Elastic Kibana 4.6.0
Elastic Kibana 4.4.1
Elastic Kibana 4.4.2
Elastic Kibana 4.5.1
Elastic Kibana 4.5.3
Elastic Kibana 4.3.0
Elastic Kibana 4.3.2
383
VMScore
CVE-2017-8439
Kibana version 5.4.0 was affected by a Cross Site Scripting (XSS) bug in the Time Series Visual Builder. This bug could allow an malicious user to obtain sensitive information from Kibana users.
Elastic Kibana 5.4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »