Kibana ESA-2018-18

High Nessus Plugin ID 118798

Synopsis

The remote web server hosts a Java application that is vulnerable.

Description

Nethanel Coppenhagen of CyberArk Labs discovered Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code.
This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.

Solution

Users should upgrade to Elastic Stack version 6.4.3 or 5.6.13Users unable to upgrade can disable the Kibana Console plugin. The Console plugin can be disabled by setting console.enabled: false in the kibana.yml file.

See Also

http://www.nessus.org/u?3f00797e

Plugin Details

Severity: High

ID: 118798

File Name: kibana_esa_2018_18.nasl

Version: 1.1

Type: remote

Family: CGI abuses

Published: 2018/11/07

Modified: 2018/11/07

Dependencies: 109942

Risk Information

Risk Factor: High

CVSS Score Source: CVE-2018-17246

CVSS v2.0

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3.0

Base Score: 7.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Vulnerability Information

CPE: cpe:/a:elasticsearch:kibana

Required KB Items: installed_sw/Kibana

Patch Publication Date: 2018/11/06

Vulnerability Publication Date: 2018/11/06

Reference Information

CVE: CVE-2018-17246