Lucene search
PRIOn knowledge basePRION:CVE-2022-23711HistoryApr 21, 2022 - 7:15 p.m.
Spoofing
2022-04-2119:15:00
PRIOn knowledge base
www.prio-n.com
4
A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance is not required to view the exposed information. The Elastic Stack monitoring exposure only impacts users that have set any of the optional monitoring.ui.elasticsearch.* settings in order to configure Kibana as a remote UI for Elastic Stack Monitoring. The same vulnerability in Kibana could expose other non-sensitive application-internal information in the page source.
Related
redhatcve
redhatcve
CVE-2022-23711
2022-04-21 18:42:48
veracode
veracode
Information Disclosure
2022-04-22 13:31:29
osv
osv
CVE-2022-23711
2022-04-21 19:15:08
cvelist
cvelist
CVE-2022-23711
2022-04-21 18:22:58
nvd
nvd
CVE-2022-23711
2022-04-21 19:15:08
cve
cve
CVE-2022-23711
2022-04-21 19:15:08
openvas
openvas
nessus
nessus
Kibana 7.2.1 < 7.17.3 Sensitive Information Exposure
2023-01-11 00:00:00
Kibana 8.0.0 < 8.1.3 Sensitive Information Exposure
2023-01-11 00:00:00