\ Latest Vulnerabilities Affecting Elasticsearch Kibana | Vumetric Cyber Portal

Latest Vulnerabilities Affecting Elasticsearch Kibana

The following table presents a summary of the vulnerabilities affecting Kibana . As of today, a total of 25 vulnerabilities were reported for this product, the risk distribution is:
  • 0 critical risk vulnerabilities
  • 1 high risk vulnerability
  • 23 medium risk vulnerabilities
  • 1 low risk vulnerability
The first vulnerability was reported on 2015-06-15, while the last reported vulnerability was reported on 2019-10-01. If you are aware of any missing vulnerabilities for this product, please contact us using the contact form.
Date CVE Title CVSS
2019-10-01 CVE-2019-7618 Undefined vulnerability in Elasticsearch Kibana 7.3.0/7.3.1/7.3.2 Low
2019-07-30 CVE-2019-7616 Server-Side Request Forgery (SSRF) vulnerability in Elasticsearch Kibana Medium
2018-12-20 CVE-2018-17246 Undefined vulnerability in Elasticsearch and Redhat products High
2018-12-20 CVE-2018-17245 Undefined vulnerability in Elasticsearch Kibana Medium
2018-09-19 CVE-2018-3830 Cross-Site Scripting (XSS) vulnerability in Elasticsearch and Redhat products Medium
2018-03-30 CVE-2018-3818 Cross-Site Scripting (XSS) vulnerability in Elasticsearch Kibana Medium
2018-03-30 CVE-2018-3820 Cross-Site Scripting (XSS) vulnerability in Elasticsearch Kibana 6.1.1/6.1.2 Medium
2018-03-30 CVE-2018-3821 Cross-Site Scripting (XSS) vulnerability in Elasticsearch Kibana Medium
2018-03-30 CVE-2018-3819 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Elasticsearch Kibana Medium
2017-12-08 CVE-2017-11481 Cross-Site Scripting (XSS) vulnerability in Elasticsearch Kibana Medium
2017-12-08 CVE-2017-11482 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Elasticsearch Kibana Medium
2017-09-29 CVE-2017-11479 Cross-Site Scripting (XSS) vulnerability in Elasticsearch Kibana Medium
2017-06-30 CVE-2017-8443 Information Leak / Disclosure vulnerability in Elasticsearch Kibana 5.4.2 Medium
2017-06-16 CVE-2016-10365 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Elasticsearch Kibana 4.6.2/5.0.0 Medium
2017-06-16 CVE-2016-1000219 Improper Authorization vulnerability in Elasticsearch Kibana 4.1.0/4.5.0 Medium