CVE-2020-7017 |
AVG-1210 |
High |
Yes |
Content spoofing |
In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region... |
CVE-2020-7016 |
AVG-1210 |
Medium |
Yes |
Denial of service |
Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana... |
CVE-2019-7610 |
AVG-911 |
High |
Yes |
Arbitrary code execution |
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the security audit logger. If a Kibana instance has the setting... |
CVE-2019-7609 |
AVG-911 |
High |
Yes |
Arbitrary code execution |
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion... |
CVE-2019-7608 |
AVG-911 |
High |
Yes |
Information disclosure |
Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from, or... |