Vulnerabilities > CVE-2017-8452 - Uncontrolled File Descriptor Consumption vulnerability in Elastic Kibana

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
elastic
CWE-769
NVD
Published: 2017-06-16
Updated: 2020-10-19

Summary

Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.

Vulnerable Configurations

Part Description Count
Application
Elastic
229

Common Weakness Enumeration (CWE)

References