Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:CVE-2018-17246-FI
Severity	Minor
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	Elastic Kibana server.js Local File Inclusion
Release Date	2019/02/18
Update Number	3143
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Elastic Kibana server.js Local File Inclusion

This signature detects attempts to exploit a known vulnerability against Elastic Kibana server. Successful exploitation could lead to information disclosure, denial of service and, in the worst case, achieve arbitrary code execution.

Extended Description

Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.

Affected Products

Elasticsearch kibana 5.0.0
Elasticsearch kibana 5.0.1
Elasticsearch kibana 5.0.2
Elasticsearch kibana 5.1.1
Elasticsearch kibana 5.1.2
Elasticsearch kibana 5.2.0
Elasticsearch kibana 5.2.1
Elasticsearch kibana 5.2.2
Elasticsearch kibana 5.3.0
Elasticsearch kibana 5.3.1
Elasticsearch kibana 5.3.2
Elasticsearch kibana 5.3.3
Elasticsearch kibana 5.4.0
Elasticsearch kibana 5.4.1
Elasticsearch kibana 5.4.2
Elasticsearch kibana 5.4.3
Elasticsearch kibana 5.5.0
Elasticsearch kibana 5.5.1
Elasticsearch kibana 5.5.2
Elasticsearch kibana 5.5.3
Elasticsearch kibana 5.6.0
Elasticsearch kibana 5.6.1
Elasticsearch kibana 5.6.10
Elasticsearch kibana 5.6.11
Elasticsearch kibana 5.6.12
Elasticsearch kibana 5.6.2
Elasticsearch kibana 5.6.3
Elasticsearch kibana 5.6.4
Elasticsearch kibana 5.6.5
Elasticsearch kibana 5.6.6
Elasticsearch kibana 5.6.7
Elasticsearch kibana 5.6.8
Elasticsearch kibana 5.6.9
Elasticsearch kibana 6.0.0
Elasticsearch kibana 6.0.1
Elasticsearch kibana 6.1.0
Elasticsearch kibana 6.1.1
Elasticsearch kibana 6.1.2
Elasticsearch kibana 6.1.3
Elasticsearch kibana 6.1.4
Elasticsearch kibana 6.2.0
Elasticsearch kibana 6.2.1
Elasticsearch kibana 6.2.2
Elasticsearch kibana 6.2.3
Elasticsearch kibana 6.2.4
Elasticsearch kibana 6.3.0
Elasticsearch kibana 6.3.1
Elasticsearch kibana 6.3.2
Elasticsearch kibana 6.4.0
Elasticsearch kibana 6.4.1
Elasticsearch kibana 6.4.2
Redhat openshift_container_platform 3.11

References

BugTraq: 106285
CVE: CVE-2018-17246
URL: https://www.cyberark.com/threat-research-blog/execute-this-i-know-you-have-it/

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Elastic Kibana server.js Local File Inclusion

Extended Description

Affected Products

References