Description

Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.

Remediation

References

https://www.elastic.co/community/security

Related Vulnerabilities

CVE-2020-6463 Vulnerability in npm package electron

CVE-2012-5886 Vulnerability in maven package org.apache.tomcat:tomcat-catalina

CVE-2015-5344 Vulnerability in maven package org.apache.camel:camel-core

CVE-2015-0250 Vulnerability in maven package org.apache.xmlgraphics:batik-dom

CVE-2021-45456 Vulnerability in maven package org.apache.kylin:kylin-server-base

Severity

High

Classification

CWE-769 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Vendor Advisory