vulnerability

Elastic Kibana: CVE-2017-8452: Missing Release of File Descriptor or Handle after Effective Lifetime

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Jun 16, 2017	Sep 3, 2025	Sep 3, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Jun 16, 2017

Added

Sep 3, 2025

Modified

Sep 3, 2025

Description

Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.

Solution

elastic-kibana-upgrade-latest

References

CWE-775
CWE-769
CVE-2017-8452
https://attackerkb.com/topics/CVE-2017-8452
URL-https://www.elastic.co/community/security

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today