HomePentest-Tools.com Logo

Elastic Kibana 8.0.0 - 8.7.0 Arbitrary Code Execution Vulnerability (ESA-2023-07) CVE-2023-31414

Severity
CVSSv3 Score
8.8
Vulnerability description

Kibana is prone to an arbitrary code execution vulnerability.

Risk description

An attacker with write access to Kibana yaml or env configuration could add a specific payload that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of the Kibana process. Note: - This issue does not affect Kibana instances running on Elastic Cloud as the payload required to trigger this vulnerability cannot be set in Kibanas configuration. - This issue affects Kibana instances running on Elastic Cloud Enterprise (ECE) but the code execution is limited within the Kibana Docker container. Further exploitation such as container escape is prevented by seccomp-bpf and AppArmor profiles. - This issue affects Kibana instances running on Elastic Cloud on Kubernetes (ECK) but the code execution is limited within the Kibana Docker container. Further exploitation such as container escape can be prevented by seccomp-bpf when configured and supported (Kubernetes v1.19 and later).

Recommendation

Update to version 8.7.1 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
May 4, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available