Description

Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.

Remediation

References

https://www.elastic.co/community/security

Related Vulnerabilities

CVE-2023-46652 Vulnerability in maven package org.jenkins-ci.plugins:lambdatest-automation

CVE-2010-1157 Vulnerability in maven package org.apache.tomcat:catalina

CVE-2014-0050 Vulnerability in maven package commons-fileupload:commons-fileupload

CVE-2013-2187 Vulnerability in maven package org.apache.archiva:archiva

CVE-2013-4517 Vulnerability in maven package xml-security:xmlsec

Severity

High

Classification

CWE-769 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Vendor Advisory