Kibana RCE via Timelion SSTI: exploitation requires authenticated access, but Kibana deployments are often internet-exposed with default credentials. Apply patches immediately, restrict Kibana access to VPN-only, and audit Kibana admin accounts.
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that attempts to execute JavaScript code.
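A defender-side check for the affected ranges named above (5.x before 5.6.15, 6.x before 6.6.1), added here as an example and not part of the advisory; it assumes Kibana's /api/status response carries the running version under version.number, and the sample status document is constructed.

```python
"""Flag Kibana instances whose version falls in the affected ranges named in the advisory.
Added example, not from the advisory. The sample status document below is constructed to
mirror the shape of Kibana's /api/status response (version.number holds the version)."""
import json
import re
from typing import Optional, Tuple

# Fix releases per affected release line, as stated in the advisory text.
FIXED_VERSIONS = {5: (5, 6, 15), 6: (6, 6, 1)}


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'MAJOR.MINOR.PATCH', ignoring any suffix such as '-SNAPSHOT'."""
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised Kibana version: {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)))


def is_affected(version: str) -> bool:
    """True when the version is on the 5.x or 6.x line and older than that line's fix."""
    v = parse_version(version)
    fixed = FIXED_VERSIONS.get(v[0])
    if fixed is None:
        return False  # release lines the advisory does not name are not flagged
    return v < fixed  # tuple comparison gives correct numeric ordering (6.10.0 > 6.6.1)


def assess_status_document(status_json: str) -> Optional[str]:
    """Read version.number from a /api/status body; return a finding, or None if not affected."""
    doc = json.loads(status_json)
    number = doc.get("version", {}).get("number")
    if not number:
        raise ValueError("status document has no version.number field")
    if not is_affected(number):
        return None
    fix = ".".join(str(x) for x in FIXED_VERSIONS[parse_version(number)[0]])
    return (f"Kibana {number} is affected by the Timelion code-execution flaw; "
            f"upgrade to {fix} or later")


# Constructed sample shaped like a /api/status response (irrelevant fields omitted).
SAMPLE_STATUS = '{"name": "kibana-01", "version": {"number": "6.5.4", "build_hash": "<constructed>"}}'

if __name__ == "__main__":
    print(assess_status_document(SAMPLE_STATUS))
```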