Description

Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.

Remediation

References

https://www.elastic.co/community/security

Related Vulnerabilities

CVE-2020-1957 Vulnerability in maven package org.apache.shiro:shiro-web

CVE-2017-3161 Vulnerability in maven package org.apache.hadoop:hadoop-hdfs

CVE-2023-33000 Vulnerability in maven package io.jenkins.plugins:cavisson-ns-nd-integration

CVE-2020-6532 Vulnerability in npm package electron

CVE-2023-26471 Vulnerability in maven package org.xwiki.platform:xwiki-platform-rendering-async-api

Severity

High

Classification

CWE-769 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Vendor Advisory