AVG-911 log

Package kibana
Status Fixed
Severity High
Type multiple issues
Affected 6.6.0-2
Fixed 6.6.1-1
Current 7.4.2-1 [community]
Ticket None
Created Thu Feb 21 12:51:58 2019
Issue Severity Remote Type Description
CVE-2019-7610 High Yes Arbitrary code execution
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the security audit logger. If a Kibana instance has the setting...
CVE-2019-7609 High Yes Arbitrary code execution
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion...
CVE-2019-7608 High Yes Information disclosure
Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from, or...
Date Advisory Package Description
25 Feb 2019 ASA-201902-26 kibana multiple issues