CVE-2021-22139 - CERT CVE
ID CVE-2021-22139
Sažetak Kibana versions before 7.12.1 contain a denial of service vulnerability was found in the webhook actions due to a lack of timeout or a limit on the request size. An attacker with permissions to create webhook actions could drain the Kibana host connection pool, making Kibana unavailable for all other users.
Reference
CVSS
Base: 4.0
Impact: 2.9
Exploitability:8.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW SINGLE
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE PARTIAL
CVSS vektor AV:N/AC:L/Au:S/C:N/I:N/A:P
Zadnje važnije ažuriranje 21-05-2021 - 16:37
Objavljeno 13-05-2021 - 18:15