Description

Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.

Remediation

References

https://www.elastic.co/community/security

Related Vulnerabilities

CVE-2014-9772 Vulnerability in npm package validator

CVE-2022-41249 Vulnerability in maven package com.meowlomo.jenkins:scm-httpclient

CVE-2023-40177 Vulnerability in maven package org.xwiki.platform:xwiki-platform-appwithinminutes-ui

CVE-2021-42550 Vulnerability in maven package ch.qos.logback:logback-core

CVE-2022-25209 Vulnerability in maven package org.jenkins-ci.plugins:sinatra-chef-builder

Severity

High

Classification

CWE-769 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Vendor Advisory