Known Vulnerabilities for Kibana by Elastic
Listed below are 10 of the newest known vulnerabilities associated with "Kibana" by "Elastic".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-4819 | In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging feature might log user credentials from users logging ... | Not Provided | 2026-03-31 | 2026-03-31 |
| CVE-2022-23713 | A cross-site-scripting (XSS) vulnerability was discovered in the Vega Charts Kibana integration which could allow arbitrary J... | 6.1 - MEDIUM | 2022-07-06 | 2022-07-14 |
| CVE-2022-23711 | A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. E... | 5.3 - MEDIUM | 2022-04-21 | 2022-05-03 |
| CVE-2022-23710 | A cross-site-scripting (XSS) vulnerability was discovered in the Data Preview Pane (previously known as Index Pattern Preview... | 6.1 - MEDIUM | 2022-03-03 | 2022-04-18 |
| CVE-2022-23709 | A flaw was discovered in Kibana in which users with Read access to the Uptime feature could modify alerting rules. A user wit... | 4.3 - MEDIUM | 2022-03-03 | 2022-03-16 |
| CVE-2022-23707 | An XSS vulnerability was found in Kibana index patterns. Using this vulnerability, an authenticated user with permissions to ... | 5.4 - MEDIUM | 2022-02-11 | 2022-02-22 |
| CVE-2021-22150 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.2 - HIGH | 2023-11-22 | 2023-12-01 |
| CVE-2021-22142 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-11-22 | 2023-12-01 |
| CVE-2021-22141 | An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16. If a logged in user visits a maliciously crafted... | 6.1 - MEDIUM | 2022-11-18 | 2022-11-22 |
| CVE-2021-22139 | Kibana versions before 7.12.1 contain a denial of service vulnerability was found in the webhook actions due to a lack of tim... | 6.5 - MEDIUM | 2021-05-13 | 2021-05-21 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Elastic | Kibana | 7.9.2 | All | All | All |
| Application | Elastic | Kibana | 7.9.1 | All | All | All |
| Application | Elastic | Kibana | 7.9.0 | All | All | All |
| Application | Elastic | Kibana | 7.8.1 | All | All | All |
| Application | Elastic | Kibana | 7.8.0 | All | All | All |
| Application | Elastic | Kibana | 7.7.1 | All | All | All |
| Application | Elastic | Kibana | 7.7.0 | All | All | All |
| Application | Elastic | Kibana | 7.6.2 | All | All | All |
| Application | Elastic | Kibana | 7.6.1 | All | All | All |
| Application | Elastic | Kibana | 7.6.0 | All | All | All |
| Application | Elastic | Kibana | 7.5.2 | All | All | All |
| Application | Elastic | Kibana | 7.5.1 | All | All | All |
| Application | Elastic | Kibana | 7.5.0 | All | All | All |
| Application | Elastic | Kibana | 7.4.2 | All | All | All |
| Application | Elastic | Kibana | 7.4.1 | All | All | All |
| Application | Elastic | Kibana | 7.4.0 | All | All | All |
| Application | Elastic | Kibana | 7.3.2 | All | All | All |
| Application | Elastic | Kibana | 7.3.1 | All | All | All |
| Application | Elastic | Kibana | 7.3.0 | All | All | All |
| Application | Elastic | Kibana | 7.2.1 | All | All | All |