It was discovered that Kibana’s JIRA connector & IBM Resilient connector could be used to return HTTP response data on internal hosts, which may be intentionally hidden from public view. Using this vulnerability, a malicious user with the ability to create connectors, could utilize these connectors to view limited HTTP response data on hosts accessible to the cluster.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: elastic
Published:
Updated: 2024-08-04T01:30:09.049Z
Reserved: 2021-08-03T00:00:00
Link: CVE-2021-37939

No data.

Status : Modified
Published: 2021-11-18T16:15:08.963
Modified: 2024-11-21T06:16:06.750
Link: CVE-2021-37939
