Kibana versions prior to 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana user can lead to the Kibana process consuming large amounts of CPU and becoming unresponsive.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
elasticsearch kibana |
||
oracle peoplesoft enterprise peopletools 8.58 |
||
oracle communications billing and revenue management 12.0.0.3.0 |
||
oracle communications cloud native core network function cloud native environment 1.7.0 |