CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Elasticsearch: >> Kibana >> 6.8.10 Security Vulnerabilities

CVE-2020-7016

Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana user can lead to the Kibana process consuming large amounts of CPU and becoming unresponsive.

CVSS Score

4.8

EPSS Score

0.004

Published

2020-07-27

CVE-2020-7017

In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map visualization.

CVSS Score

6.7

EPSS Score

0.009

Published

2020-07-27

Page 1

Vulnerabilities

Vulnerable Software

Elasticsearch: >> Kibana >> 6.8.10 Security Vulnerabilities

Products

Pricing

Contact Us