Back to search
CVE-2021-22139
Published: May 13, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
Kibana versions before 7.12.1 contain a denial of service vulnerability was found in the webhook actions due to a lack of timeout or a limit on the request size. An attacker with permissions to create webhook actions could drain the Kibana host connection pool, making Kibana unavailable for all other users.
| Vendor | Product | Versions |
|---|---|---|
Elastic | Kibana | affected before 7.12.1 |
Weaknesses (CWE)
References
https://discuss.elastic.co/t/7-12-1-security-update/271433
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now