FKIE_CVE-2019-7610

Vulnerability from fkie_nvd - Published: 2019-03-25 19:29 - Updated: 2024-11-21 04:48
Severity ?
9.0 (Critical) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Kibana versions before 6.6.1 contain an arbitrary code execution flaw in the security audit logger. If a Kibana instance has the setting xpack.security.audit.enabled set to true, an attacker could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
References
security@elastic.cohttps://access.redhat.com/errata/RHBA-2019:2824
security@elastic.cohttps://access.redhat.com/errata/RHSA-2019:2860
security@elastic.cohttps://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077Vendor Advisory
security@elastic.cohttps://www.elastic.co/community/securityVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHBA-2019:2824
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:2860
af854a3a-2127-422b-91ae-364da2661108https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.elastic.co/community/securityVendor Advisory
Impacted products
Vendor Product Version
elastic kibana *
elastic kibana *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F3E4CC-2877-4CA8-A2EB-3CB9F32855E2",
              "versionEndExcluding": "5.6.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9870EC64-EDCA-436F-BE44-827E8ECA38F9",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Kibana versions before 6.6.1 contain an arbitrary code execution flaw in the security audit logger. If a Kibana instance has the setting xpack.security.audit.enabled set to true, an attacker could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system."
    },
    {
      "lang": "es",
      "value": "Kibana anterior a versi\u00f3n 6.6.1, contienen un fallo de ejecuci\u00f3n de c\u00f3digo arbitrario en el registrador de auditor\u00eda de seguridad. Si una instancia de Kibana presenta la configuraci\u00f3n xpack.security.audit.enabled establecida en true, un atacante podr\u00eda enviar una petici\u00f3n que intente ejecutar c\u00f3digo javascript. Esto podr\u00eda conllevar a un atacante a ejecutar comandos arbitrarios con permisos del proceso kibana en el sistema host."
    }
  ],
  "id": "CVE-2019-7610",
  "lastModified": "2024-11-21T04:48:23.807",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-03-25T19:29:02.197",
  "references": [
    {
      "source": "security@elastic.co",
      "url": "https://access.redhat.com/errata/RHBA-2019:2824"
    },
    {
      "source": "security@elastic.co",
      "url": "https://access.redhat.com/errata/RHSA-2019:2860"
    },
    {
      "source": "security@elastic.co",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
    },
    {
      "source": "security@elastic.co",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.elastic.co/community/security"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHBA-2019:2824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:2860"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.elastic.co/community/security"
    }
  ],
  "sourceIdentifier": "security@elastic.co",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "security@elastic.co",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.