The host is installed with Kibana before 6.8.9 or 7.x before 7.7.0 and is prone to a prototype pollution vulnerability. A flaw is present in the application, which fails to properly handle an issue in Upgrade Assistant. Successful exploitation could allow an authenticated attacker to insert data that would cause Kibana to execute arbitrary code.