Summary: Kibana contains an arbitrary code execution flaw in the Timelion visualizer.
Detection Method: Sends multiple crafted HTTP requests and checks the response.
Technical Details: An attacker with access to the Timelion application could send a request that
with permissions of the Kibana process on the host system.
Affected Versions: Kibana versions before 5.6.15 and 6.0.0 before 6.6.1.
Recommendations: Update to version 5.6.15, 6.6.1 or later.
Web application abuses
Find and Fix this Vulnerability:
Mageni can help you to find out if you have this or more vulnerabilities exposing you to hackers, ransomware and malware: Download Mageni's Free Edition