Kibana

Kibana Remote Code Execution Vulnerability (CVE-2019-7609) Threat Alert

November 5, 2019

Vulnerability Description

In February 2019, an official announcement was made that Kibana had a remote code execution vulnerability. The Kibana version prior to 5.6.15 and 6.6.1 had a functional flaw in the Timelion visualization tool, which allowed an attacker to use Kibana to execute arbitrary code on the server. Currently PoC has been announced; Ussers are recommended to conduct self-examination and protection in a timely manner. (more…)

Search

Subscribe to the NSFOCUS Blog