CVE-2021-22136 log

Source
Severity Medium
Remote Yes
Type Incorrect calculation
Description
A flaw in Kibana versions before 7.12.0 and 6.8.15 was discovered where the xpack.security.session.idleTimeout setting is not being respected. This was caused by background polling activities unintentionally extending authenticated users sessions, preventing a user session from timing out.
Group Package Affected Fixed Severity Status Ticket
AVG-1570 kibana 7.10.1-1 High Vulnerable FS#70038
References
https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125