Description

Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.

Remediation

References

https://www.elastic.co/community/security

Related Vulnerabilities

CVE-2015-7559 Vulnerability in maven package org.apache.activemq:activemq-all

CVE-2023-35887 Vulnerability in maven package org.apache.sshd:sshd-sftp

CVE-2010-1587 Vulnerability in maven package org.apache.activemq:apache-activemq

CVE-2011-2204 Vulnerability in maven package org.apache.tomcat:catalina

CVE-2019-0230 Vulnerability in maven package org.apache.struts:struts2-core

Severity

High

Classification

CWE-769 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Vendor Advisory