← Back to CVE List

CVE-2022-23711

Published: 2022-04-21T19:15Z
Last Modified: 2024-11-21T06:49Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance is not required to view the exposed information. The Elastic Stack monitoring exposure only impacts users that have set any of the optional monitoring.ui.elasticsearch.* settings in order to configure Kibana as a remote UI for Elastic Stack Monitoring. The same vulnerability in Kibana could expose other non-sensitive application-internal information in the page source. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt