CVE-2021-22151 log

Source
Severity Medium
Remote Yes
Type Directory traversal
Description
A security issue has been found in kibana before version 7.14.1. It was discovered that Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files ending in the .pbf extension.
Group Package Affected Fixed Severity Status Ticket
AVG-1570 kibana 7.10.2-1 Medium Unknown FS#70038
References
https://discuss.elastic.co/t/elastic-stack-7-14-1-security-update/283077