High Nessus Plugin ID 118798
SynopsisThe remote web server hosts a Java application that is vulnerable.
This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
SolutionUsers should upgrade to Elastic Stack version 6.4.3 or 5.6.13Users unable to upgrade can disable the Kibana Console plugin. The Console plugin can be disabled by setting console.enabled: false in the kibana.yml file.