Description

Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.

Remediation

References

https://www.elastic.co/community/security

Related Vulnerabilities

CVE-2020-9488 Vulnerability in maven package org.apache.logging.log4j:log4j

CVE-2023-40351 Vulnerability in maven package org.jenkins-ci.plugins:favorite-view

CVE-2022-23616 Vulnerability in maven package org.xwiki.platform:xwiki-platform-administration-ui

CVE-2023-43498 Vulnerability in maven package org.jenkins-ci.main:jenkins-core

CVE-2015-1840 Vulnerability in npm package jquery-ujs

Severity

High

Classification

CWE-769 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Vendor Advisory