Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_113525HistoryJan 11, 2023 - 12:00 a.m.
Kibana < 7.12.0 Timeout Bypass
2023-01-1100:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
kibana
timeout bypass
vulnerability
0.001 Low
EPSS
Percentile
25.0%
According to its self-reported version number, the Kibana application running on the remote host is prior to 7.12.0. It is, therefore, affected by :
- Timeout Bypass due to xpack.security.session.idleTimeout setting is not being respected (CVE-2021-22136)
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source data| Vendor | Product | Version | CPE |
|---|---|---|---|
| elasticsearch | kibana | * | cpe:2.3:a:elasticsearch:kibana:*:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2021-05-13 18:15:00
cve
cve
CVE-2021-22136
2021-05-13 18:15:08
openvas
openvas
Elastic Kibana Timeout Bypass Vulnerability (ESA-2021-07)
2021-05-14 00:00:00
nvd
nvd
CVE-2021-22136
2021-05-13 18:15:08
cvelist
cvelist
CVE-2021-22136
2021-05-13 17:35:17
osv
osv
CVE-2021-22136
2021-05-13 18:15:08
redhatcve
redhatcve
CVE-2021-22136
2021-03-25 15:23:08