VYPR
Unrated severityNVD Advisory· Published May 13, 2021· Updated Aug 3, 2024

CVE-2021-22136

CVE-2021-22136

Description

In Kibana versions before 7.12.0 and 6.8.15 a flaw in the session timeout was discovered where the xpack.security.session.idleTimeout setting is not being respected. This was caused by background polling activities unintentionally extending authenticated users sessions, preventing a user session from timing out.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Elastic/Kibanallm-fuzzy2 versions
    <7.12.0 || <6.8.15+ 1 more
    • (no CPE)range: <7.12.0 || <6.8.15
    • (no CPE)range: before 7.12.0 and 6.8.15

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.