Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Kibana versions before 7.12.0 and 6.8.15 a flaw in the session timeout was discovered where the xpack.security.session.idleTimeout setting is not being respected. This was caused by background polling activities unintentionally extending authenticated users sessions, preventing a user session from timing out.
CVSS Information
N/A
Vulnerability Type
不充分的会话过期机制
Vulnerability Title
Elastic Stack Kibana 代码问题漏洞
Vulnerability Description
Elastic Stack Kibana是美国Elastic Stack公司的一个应用系统。一个免费且开放的用户界面,能够让您对 Elasticsearch 数据进行可视化,并让您在 Elastic Stack 中进行导航。 Kibana 7.12.0版本和6.8.15版本之前存在安全漏洞。该漏洞源于程序会话超时存在缺陷,导致户会话超时。
CVSS Information
N/A
Vulnerability Type
N/A