Vulnerabilities > Elastic > Kibana > 7.14.0

DATE CVE VULNERABILITY TITLE RISK
2023-12-13 CVE-2023-46675 Information Exposure Through Log Files vulnerability in Elastic Kibana
An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error or in the event where debug level logging is enabled in Kibana.
network
low complexity
elastic CWE-532
6.5
6.5
2023-11-22 CVE-2021-22150 Code Injection vulnerability in Elastic Kibana
It was discovered that a user with Fleet admin permissions could upload a malicious package.
network
low complexity
elastic CWE-94
7.2
7.2
2023-11-22 CVE-2021-22151 Path Traversal vulnerability in Elastic Kibana
It was discovered that Kibana was not validating a user supplied path, which would load .pbf files.
network
low complexity
elastic CWE-22
4.3
4.3