CVE-2020-7016
published 2020-07-27CVE-2020-7016: Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana user…
medium4.8CVSS 3.1
AVNACHPRLUIRSUCNINAH
Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana user can lead to the Kibana process consuming large amounts of CPU and becoming unresponsive.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | kibana | — | — |
| elasticsearch | kibana | < 6.8.11 | 6.8.11 |
| elasticsearch | kibana | >= 7.0.0 < 7.8.1 | 7.8.1 |
| oracle | communications_billing_and_revenue_management | — | — |
| oracle | communications_cloud_native_core_network_function_cloud_native_environment | — | — |
| oracle | peoplesoft_enterprise_peopletools | — | — |