ID

VAR-201812-0360


CVE

CVE-2018-17246


TITLE

Kibana Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-013160

DESCRIPTION

Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system. Kibana Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ElasticsearchKibana (formerly known as elasticsearch-dashboard) is an open source, browser-based analytics and search Elasticsearch dashboard tool from Elasticsearch, the Netherlands. Console is one of the console plugins. Kibana is prone to a local file-include vulnerability. This may allow the attacker to compromise the application and the computer; other attacks are also possible. The following versions of product are vulnerable: Kibana 5.0 through 5.5.12 are vulnerable. Kibana 6.0 through 6.4.2 are vulnerable

Trust: 2.52

sources: NVD: CVE-2018-17246 // JVNDB: JVNDB-2018-013160 // CNVD: CNVD-2018-23907 // BID: 106285 // VULMON: CVE-2018-17246

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-23907

AFFECTED PRODUCTS

vendor:elasticsearchmodel:kibanascope:ltversion:6.4.3

Trust: 1.4

vendor:elasticsearchmodel:kibanascope:ltversion:5.6.13

Trust: 1.4

vendor:elasticmodel:kibanascope:ltversion:5.6.13

Trust: 1.0

vendor:elasticmodel:kibanascope:gteversion:6.0.0

Trust: 1.0

vendor:elasticmodel:kibanascope:ltversion:6.4.3

Trust: 1.0

vendor:redhatmodel:openshift container platformscope:eqversion:3.11

Trust: 1.0

vendor:elasticmodel:kibanascope:gteversion:5.0.0

Trust: 1.0

vendor:elasticsearchmodel:kibanascope:eqversion:5.6.4

Trust: 0.9

vendor:elasticsearchmodel:kibanascope:eqversion:6.0.0

Trust: 0.6

vendor:elasticsearchmodel:kibanascope:eqversion:6.0.1

Trust: 0.6

vendor:elasticsearchmodel:kibanascope:eqversion:6.1.0

Trust: 0.6

vendor:elasticsearchmodel:kibanascope:eqversion:6.4.2

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:6.4

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:6.3

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:6.2

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:6.1.2

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:6.1.1

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:6.1

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:6.0

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:5.6.12

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:5.6.6

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:5.6.5

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:5.6.3

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:5.6.2

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:5.6.1

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:5.6

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:5.5

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:5.4

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:5.3

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:5.2

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:5.1.2

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:eqversion:5.0

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:neversion:6.4.3

Trust: 0.3

vendor:elasticsearchmodel:kibanascope:neversion:5.6.13

Trust: 0.3

sources: CNVD: CNVD-2018-23907 // BID: 106285 // JVNDB: JVNDB-2018-013160 // CNNVD: CNNVD-201811-285 // NVD: CVE-2018-17246

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-17246
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-17246
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2018-23907
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201811-285
value: CRITICAL

Trust: 0.6

VULMON: CVE-2018-17246
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-17246
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-23907
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2018-17246
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-23907 // VULMON: CVE-2018-17246 // JVNDB: JVNDB-2018-013160 // CNNVD: CNNVD-201811-285 // NVD: CVE-2018-17246

PROBLEMTYPE DATA

problemtype:CWE-73

Trust: 1.0

problemtype:CWE-829

Trust: 1.0

problemtype:CWE-77

Trust: 0.8

sources: JVNDB: JVNDB-2018-013160 // NVD: CVE-2018-17246

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201811-285

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-201811-285

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013160

PATCH

title:Elastic Stack 6.4.3 and 5.6.13 security updateurl:https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594

Trust: 0.8

title:ESA-2018-18url:https://www.elastic.co/community/security

Trust: 0.8

title:ElasticsearchKibanaConsole plugin command to execute the patch for the vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/145255

Trust: 0.6

title:Elasticsearch Kibana Console Fixes for plugin security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86721

Trust: 0.6

title:Red Hat: CVE-2018-17246url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2018-17246

Trust: 0.1

title:HTB_Ippsec_Notesurl:https://github.com/Rinkish/HTB_Ippsec_Notes

Trust: 0.1

title:loopholeurl:https://github.com/zhengjim/loophole

Trust: 0.1

sources: CNVD: CNVD-2018-23907 // VULMON: CVE-2018-17246 // JVNDB: JVNDB-2018-013160 // CNNVD: CNNVD-201811-285

EXTERNAL IDS

db:NVDid:CVE-2018-17246

Trust: 3.4

db:BIDid:106285

Trust: 1.9

db:JVNDBid:JVNDB-2018-013160

Trust: 0.8

db:CNVDid:CNVD-2018-23907

Trust: 0.6

db:CNNVDid:CNNVD-201811-285

Trust: 0.6

db:VULMONid:CVE-2018-17246

Trust: 0.1

sources: CNVD: CNVD-2018-23907 // VULMON: CVE-2018-17246 // BID: 106285 // JVNDB: JVNDB-2018-013160 // CNNVD: CNNVD-201811-285 // NVD: CVE-2018-17246

REFERENCES

url:http://www.securityfocus.com/bid/106285

Trust: 2.2

url:https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594

Trust: 1.9

url:https://access.redhat.com/errata/rhba-2018:3743

Trust: 1.6

url:https://www.elastic.co/community/security

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2018-17246

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17246

Trust: 0.8

url:https://github.com/elastic/kibana/commit/0d3461c2c995e7ce5bb3e04ba5cecbc05a5386ab#diff-263cb6070b4e54ae3b4c343d14d0813br25

Trust: 0.3

url:https://github.com/elastic/kibana

Trust: 0.3

url:https://www.elastic.co/products/kibana

Trust: 0.3

url:https://www.elastic.co/blog/kibana-local-file-inclusion-flaw-cve-2018-17246

Trust: 0.3

url:https://www.elastic.co/downloads/kibana

Trust: 0.3

url:https://www.cyberark.com/threat-research-blog/execute-this-i-know-you-have-it/

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-17246

Trust: 0.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=1647344

Trust: 0.3

sources: CNVD: CNVD-2018-23907 // BID: 106285 // JVNDB: JVNDB-2018-013160 // CNNVD: CNNVD-201811-285 // NVD: CVE-2018-17246

CREDITS

Nethanel Coppenhagen from CyberArk Labs.

Trust: 0.3

sources: BID: 106285

SOURCES

db:CNVDid:CNVD-2018-23907
db:VULMONid:CVE-2018-17246
db:BIDid:106285
db:JVNDBid:JVNDB-2018-013160
db:CNNVDid:CNNVD-201811-285
db:NVDid:CVE-2018-17246

LAST UPDATE DATE

2024-08-14T14:45:31.283000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-23907date:2018-11-23T00:00:00
db:VULMONid:CVE-2018-17246date:2020-08-14T00:00:00
db:BIDid:106285date:2018-12-20T00:00:00
db:JVNDBid:JVNDB-2018-013160date:2019-02-15T00:00:00
db:CNNVDid:CNNVD-201811-285date:2019-10-17T00:00:00
db:NVDid:CVE-2018-17246date:2020-08-14T17:30:58.793

SOURCES RELEASE DATE

db:CNVDid:CNVD-2018-23907date:2018-11-23T00:00:00
db:VULMONid:CVE-2018-17246date:2018-12-20T00:00:00
db:BIDid:106285date:2018-12-20T00:00:00
db:JVNDBid:JVNDB-2018-013160date:2019-02-15T00:00:00
db:CNNVDid:CNNVD-201811-285date:2018-11-12T00:00:00
db:NVDid:CVE-2018-17246date:2018-12-20T22:29:00.367