Critical Kibana Vulnerability Let Attackers Execute Arbitrary Code
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Kibana, a popular open-source data visualization and exploration tool, has identified a critical security flaw that could allow attackers to execute arbitrary code.
This vulnerability, tracked as CVE-2024-37287, has a CVSSv3 severity rating of 9.9, indicating its critical nature.
CVE-2024-37287 – Vulnerability Details
The flaw arises from a prototype pollution vulnerability that can be exploited by attackers with access to Machine Learning (ML) and Alerting connector features and write access to internal ML indices.
Exploiting this vulnerability allows attackers to execute arbitrary code, posing significant security risks, as reported by Elastic Cloud.
Affected Environments
The vulnerability affects various Kibana environments, including:
Affected Versions
Kibana Version Status 8.x < 8.14.2Affected7.x < 7.17.23Affected
To mitigate the risk posed by this vulnerability, users are strongly advised to upgrade to Kibana version 8.14.2 or 7.17.23 as soon as possible. These versions contain the necessary patches to address the flaw.
This critical vulnerability underscores the importance of timely software updates and robust security practices. Organizations using Kibana should prioritize upgrading to the latest versions to safeguard their systems against potential exploitation.
Users can refer to the official Kibana documentation and security advisories for more detailed information and guidance.
#Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
Critical Kibana Vulnerability Let Attackers Execute Arbitrary Code
Author: DhivyaKibana, a popular open-source data visualization and exploration tool, has identified a critical security flaw that could allow attackers to execute arbitrary code.
This vulnerability, tracked as CVE-2024-37287, has a CVSSv3 severity rating of 9.9, indicating its critical nature.
CVE-2024-37287 – Vulnerability Details
The flaw arises from a prototype pollution vulnerability that can be exploited by attackers with access to Machine Learning (ML) and Alerting connector features and write access to internal ML indices.
Exploiting this vulnerability allows attackers to execute arbitrary code, posing significant security risks, as reported by Elastic Cloud.
Affected Environments
The vulnerability affects various Kibana environments, including:
- Self-managed Kibana installations on host Operating Systems
- Self-managed Kibana instances running the Kibana Docker image : The Remote Code Execution (RCE) is confined within the container, and seccomp-bpf prevents further exploitation, such as container escape.
- Kibana instances on Elastic Cloud : RCE is limited within the Kibana Docker container, with additional protections provided by seccomp-bpf and AppArmor profiles.
- Kibana instances on Elastic Cloud Enterprise (ECE) : Similar to Elastic Cloud, the RCE is contained within the Docker container, with seccomp-bpf and AppArmor profiles preventing further exploitation.
- Kibana instances on Elastic Cloud on Kubernetes (ECK) : The RCE remains within the Docker container, and seccomp-bpf can prevent further exploitation when configured and supported (Kubernetes v1.19 and later).
Affected Versions
Kibana Version Status 8.x < 8.14.2Affected7.x < 7.17.23Affected
To mitigate the risk posed by this vulnerability, users are strongly advised to upgrade to Kibana version 8.14.2 or 7.17.23 as soon as possible. These versions contain the necessary patches to address the flaw.
This critical vulnerability underscores the importance of timely software updates and robust security practices. Organizations using Kibana should prioritize upgrading to the latest versions to safeguard their systems against potential exploitation.
Users can refer to the official Kibana documentation and security advisories for more detailed information and guidance.
#Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
