Kibana Timelion Denial of Service (DoS) Vulnerability

Kibana Timelion Denial of Service (DoS) Vulnerability

CVE-2020-7016 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana user can lead to the Kibana process consuming large amounts of CPU and becoming unresponsive.

Learn more about our User Device Pen Test.