Security Advisory

CVE-2021-22139

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-05-13 17:35:19

Last updated 2024-08-03 18:30:23

Assigner elastic

State PUBLISHED

Description

Kibana versions before 7.12.1 contain a denial of service vulnerability was found in the webhook actions due to a lack of timeout or a limit on the request size. An attacker with permissions to create webhook actions could drain the Kibana host connection pool, making Kibana unavailable for all other users.

← Browse all CVEs View on cve.org ↗