CVE-2021-22136 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Incorrect calculation |
Description | A flaw in Kibana versions before 7.12.0 and 6.8.15 was discovered where the xpack.security.session.idleTimeout setting is not being respected. This was caused by background polling activities unintentionally extending authenticated users sessions, preventing a user session from timing out. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1570 | kibana | 7.10.2-1 | Medium | Unknown | FS#70038 |
References |
---|
https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125 |