Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance is not required to view the exposed information. The Elastic Stack monitoring exposure only impacts users that have set any of the optional monitoring.ui.elasticsearch.* settings in order to configure Kibana as a remote UI for Elastic Stack Monitoring. The same vulnerability in Kibana could expose other non-sensitive application-internal information in the page source.
CVSS Information
N/A
Vulnerability Type
信息暴露
Vulnerability Title
Elastic Kibana 信息泄露漏洞
Vulnerability Description
Elastic Kibana是美国Elastic公司的一个应用系统。一个免费且开放的用户界面,能够让您对 Elasticsearch 数据进行可视化,并让您在 Elastic Stack 中进行导航。 Elastic Kibana 7.8.0 版本到 7.17.2 版本和 8.0.0 版本到 8.1.2 版本存在安全漏洞,该漏洞源于可能会暴露 Kibana 页面源中与 Elastic Stack 监控相关的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A