Hi, just a quick question regarding potential Kibana vulnerability. Does anyone think that because requests such as get _node/... are executable by any user with access to Kibana return so much detailed data about the entire cluster that that leaves the cluster open to all sorts of attacks from IT s…

Kibana vulnerability?

weltenwort (Felix Stürmer) August 30, 2017, 1:47pm 5

Sorry if that sounds a bit vague, but the question was pretty open-ended too

Topic		Replies	Views
Can we have kibana authentication without x-pack? Kibana	3	3746	March 28, 2018
Where is the Kibana password set? Kibana elastic-stack-security	10	23569	February 19, 2021
How to secure access to Kibana? Kibana elastic-stack-security	3	620	May 2, 2022
Logging in to Kibana 8 without security for LDAP auth ES cluster Kibana elastic-stack-security	11	1088	March 3, 2023
XPack Security Configuration Kibana elastic-stack-security	6	440	November 7, 2018

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.

Kibana vulnerability?

Related topics