Vulnerabilities > Elastic > Kibana > 7.14.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-18 | CVE-2021-37938 | Path Traversal vulnerability in Elastic Kibana It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would load .pbf files. | 4.3 |
| 2021-11-18 | CVE-2021-37939 | Cleartext Transmission of Sensitive Information vulnerability in Elastic Kibana It was discovered that Kibana’s JIRA connector & IBM Resilient connector could be used to return HTTP response data on internal hosts, which may be intentionally hidden from public view. | 2.7 |