Description

Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.

Remediation

References

https://www.elastic.co/community/security

Related Vulnerabilities

CVE-2023-41329 Vulnerability in maven package com.github.tomakehurst:wiremock-jre8

CVE-2016-0709 Vulnerability in maven package org.apache.portals.jetspeed-2:j2-admin

CVE-2023-24456 Vulnerability in maven package org.jenkins-ci.plugins:keycloak

CVE-2020-6537 Vulnerability in npm package electron

CVE-2022-43405 Vulnerability in maven package io.jenkins.plugins:pipeline-groovy-lib

Severity

High

Classification

CWE-769 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Vendor Advisory