- Kibana Guide: other versions:
- What is Kibana?
- What’s new in 7.10
- Quick start
- Set up
- Discover
- Dashboard
- Edit dashboards
- Explore dashboard data
- Create custom dashboard actions
- Share dashboards
- Tutorials
- Compare sales over time with Lens
- Create your first visualization with Vega-Lite
- Update Kibana filters from Vega
- Create time series visualizations with Timelion
- Timelion tutorial: Create visualizations with mathematical functions
- Create visualizations with conditional logic and tracking trends using Timelion
- Aggregation reference
- Vega reference
- Canvas
- Maps
- Machine learning
- Graph
- Observability
- APM
- Elastic Security
- Dev Tools
- Stack Monitoring
- Stack Management
- Fleet
- Reporting
- Alerting and Actions
- REST API
- Kibana plugins
- Accessibility
- Breaking Changes
- Release Notes
- Kibana 7.10.2
- Kibana 7.10.1
- Kibana 7.10.0
- Kibana 7.9.3
- Kibana 7.9.2
- Kibana 7.9.1
- Kibana 7.9.0
- Kibana 7.8.1
- Kibana 7.8.0
- Kibana 7.7.1
- Kibana 7.7.0
- Kibana 7.6.2
- Kibana 7.6.1
- Kibana 7.6.0
- Kibana 7.5.2
- Kibana 7.5.1
- Kibana 7.5.0
- Kibana 7.4.2
- Kibana 7.4.1
- Kibana 7.4.0
- Kibana 7.3.2
- Kibana 7.3.1
- Kibana 7.3.0
- Kibana 7.2.1
- Kibana 7.2.0
- Kibana 7.1.1
- Kibana 7.1.0
- Kibana 7.0.1
- Kibana 7.0.0
- Kibana 7.0.0-rc2
- Kibana 7.0.0-rc1
- Kibana 7.0.0-beta1
- Kibana 7.0.0-alpha2
- Kibana 7.0.0-alpha1
- Developer guide
IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
Kibana 7.10.2
edit
IMPORTANT: This documentation is no longer updated. Refer to Elastic's version policy and the latest documentation.
Kibana 7.10.2
editFor detailed information about the 7.10.2 release, review the following bug fixes. Before you upgrade, review the breaking changes in 7.10 and known issue in 7.10.0.
Security update
editVega visualizations are susceptible to stored and reflected XSS via a vulnerable version of the Vega library. When you create Vega visualizations or create a vulnerable URL that describes the visualization, an arbitrary JavaScript can execute in your browser.
Affected versions
editAffected versions include 7.10.1 and earlier.
Solution
editVerify if you use Vega visualizations, then complete the following:
- If you use Vega visualizations, upgrade to 7.10.2.
-
If you do not use Vega visualizations, open your kibana.yml file, then change
vega.enabled: truetovega.enabled: false.
Bug fixes
edit- Alerting
-
- Don’t reset server log level if level is defined #83651
- Dashboard
-
- Fixes Duplicated Create New Modal #86489
- Logs
-
- Fixes value completion in the logs stream query bar #85772
- Machine Learning
- Management
-
- When number of replicas is set to zero, it is now correctly displayed in Index Lifecycle Management policies #85251
- The list of data streams in Index Management now sorts numerically by the raw bytes value, which renders them in the correct order #86204
- Fixes a bug where the enterprise level subscription displayed as platinum #85849
- From table actions in the Cross-Cluster Replication app, you can now pause/resume index replication, unfollow leader index, or delete an auto-follow pattern #84433
- Accessibility fix in Rollup Jobs app: when selecting a row in the jobs table, a screen reader pronounces the job’s name #84567
- Monitoring
- Security
-
- Fixes 500 error when using PKI authentication with an incomplete certificate chain #86700
Was this helpful?
Thank you for your feedback.