Detections
Analytics

FreeBSD : elasticsearch -- XSS vulnerability in the CORS functionality (5951fb49-1ba2-11e5-b43d-002590263bf5)

medium Nessus Plugin ID 84412

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Elastic reports :

Vulnerability Summary: Elasticsearch versions 1.3.x and prior have a default configuration for CORS that allows an attacker to craft links that could cause a user's browser to send requests to Elasticsearch instances on their local network. These requests could cause data loss or compromise.

Remediation Summary: Users should either set 'http.cors.enabled' to false, or set 'http.cors.allow-origin' to the value of the server that should be allowed access, such as localhost or a server hosting Kibana. Disabling CORS entirely with the former setting is more secure, but may not be suitable for all use cases.

Solution

Update the affected package.

See Also

https://www.elastic.co/community/security

https://www.elastic.co/blog/elasticsearch-1-4-0-beta-released

http://www.nessus.org/u?13037b05

http://www.nessus.org/u?0f8804aa

http://www.nessus.org/u?a3055169

Plugin Details

Severity: Medium

ID: 84412

File Name: freebsd_pkg_5951fb491ba211e5b43d002590263bf5.nasl

Version: 2.6

Type: local

Published: 6/26/2015

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:elasticsearch, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 6/26/2015

Vulnerability Publication Date: 10/1/2014

Reference Information

CVE: CVE-2014-6439

BID: 70233