kibana

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Browser based analytics and search dashboard for Elasticsearch
Version 7.0.1-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-911 6.6.0-2 6.6.1-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2019-7610 AVG-911 High Yes Arbitrary code execution
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the security audit logger. If a Kibana instance has the setting...
CVE-2019-7609 AVG-911 High Yes Arbitrary code execution
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion...
CVE-2019-7608 AVG-911 High Yes Information disclosure
Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from, or...

Advisories

Date Advisory Group Severity Description
25 Feb 2019 ASA-201902-26 AVG-911 High multiple issues