

Ethical Hacking News

Elastic Patches Critical Kibana Flaw Allowing Code Execution: A Security Alert for the Cyber-Savvy




A critical vulnerability has been discovered in Kibana, the data visualization dashboard software for Elasticsearch, that allows arbitrary code execution through a prototype pollution flaw. The severity is extremely high, with a CVSS score of 9.9. Elastic has released a security patch to address the issue, and users are advised to update Kibana to version 8.17.3 as soon as possible to prevent exploitation.



  • Elastic released a critical security patch for Kibana due to a severe vulnerability in their data visualization dashboard.
  • The prototype pollution vulnerability allows an attacker to gain arbitrary code execution with specific privileges.
  • The severity of the flaw is rated 9.9 on the CVSS scale, making it extremely critical and easily exploitable.
  • Users with the Viewer role in Kibana versions >= 8.15.0 and < 8.17.1 are vulnerable to the exploit.
  • Elastic has addressed the flaw with version 8.17.3 and provides mitigation measures for users who cannot upgrade.



Elastic has released a critical security patch for a severe vulnerability in its Kibana data visualization dashboard software. The flaw has significant implications for organizations running Elasticsearch, and exploiting it requires a user with specific privileges.

Kibana is a powerful tool that lets users create bar, line and scatter plots, pie charts and maps on top of large volumes of data. However, a prototype pollution vulnerability in Kibana allows an attacker to gain arbitrary code execution by uploading a specially crafted file and sending specifically crafted HTTP requests.

The severity of this flaw has been rated 9.9 on the CVSS (Common Vulnerability Scoring System) scale, indicating that it is extremely critical and can be exploited easily. In Kibana versions >= 8.15.0 and < 8.17.1, users with the Viewer role are affected. In Kibana versions 8.17.1 and 8.17.2, only users with the privileges fleet-all, integrations-all and actions:execute-advanced-connectors are affected.

Prototype pollution is a class of vulnerability in JavaScript applications in which an attacker manipulates an object's prototype, leading to unexpected behaviour, security issues or even remote code execution. This flaw affects all versions from 8.15.0 up to 8.17.3; Elastic has addressed it in the 8.17.3 release.

For users who cannot upgrade, setting xpack.integration_assistant.enabled: false in the Kibana configuration mitigates the vulnerability.

In conclusion, this critical security patch from Elastic highlights the importance of regularly updating and securing one's software to prevent exploitation by malicious actors.
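To make the prototype pollution mechanism described above concrete, here is an added example that is not Kibana's code and not from the original article. It shows the generic recursive object-merge pattern in which a key named `__proto__` in untrusted JSON ends up writing onto `Object.prototype`, and beside it a hardened merge that refuses the prototype-reaching keys and only descends into properties the target actually owns. The payload string is constructed for illustration; the function names are this example's own.

```javascript
// Added example, not Kibana's code: the object-merge pattern behind many
// prototype pollution bugs, with a hardened variant. The JSON payload is
// constructed for illustration only.

function isPlainObject(v) {
  return v !== null && typeof v === 'object' && !Array.isArray(v);
}

// Vulnerable: recursively copies every key of untrusted `src` into `target`.
// A key named "__proto__" is not an ordinary property: reading
// target["__proto__"] yields Object.prototype, so the recursion writes the
// attacker's nested keys onto the prototype shared by every plain object.
function unsafeMerge(target, src) {
  for (const key of Object.keys(src)) {
    const val = src[key];
    if (isPlainObject(val)) {
      if (!isPlainObject(target[key])) target[key] = {};
      unsafeMerge(target[key], val);
    } else {
      target[key] = val;
    }
  }
  return target;
}

// Hardened: refuse the keys that reach the prototype chain, and only descend
// into properties the target actually owns (never inherited ones).
const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

function safeMerge(target, src) {
  for (const key of Object.keys(src)) {
    if (FORBIDDEN_KEYS.has(key)) continue; // or throw, to surface tampering in logs
    const val = src[key];
    if (isPlainObject(val)) {
      const own = Object.prototype.hasOwnProperty.call(target, key);
      if (!own || !isPlainObject(target[key])) target[key] = {};
      safeMerge(target[key], val);
    } else {
      target[key] = val;
    }
  }
  return target;
}

// Constructed attacker-style input: a normal field plus a "__proto__" object.
const CONSTRUCTED_PAYLOAD = '{"title":"my dashboard","__proto__":{"isAdmin":true}}';

// Returns true if merging the payload leaked `isAdmin` onto an unrelated object.
function demoUnsafe() {
  unsafeMerge({}, JSON.parse(CONSTRUCTED_PAYLOAD));
  const unrelated = {};
  const leaked = unrelated.isAdmin === true;
  delete Object.prototype.isAdmin; // undo the pollution so the rest of the process is clean
  return leaked;
}

// Returns what the hardened merge produced: whether anything leaked, the
// benign field, and whether the result carries an own "__proto__" key.
function demoSafe() {
  const settings = safeMerge({}, JSON.parse(CONSTRUCTED_PAYLOAD));
  const unrelated = {};
  return {
    leaked: unrelated.isAdmin === true,
    title: settings.title,
    hasProtoKey: Object.prototype.hasOwnProperty.call(settings, '__proto__'),
  };
}

console.log('unsafe merge leaked isAdmin:', demoUnsafe());
console.log('safe merge result:', demoSafe());
```

Running the block prints `true` for the unsafe merge (an object that never touched the payload suddenly reads `isAdmin === true`) and a clean result for the hardened one. Two defence-in-depth measures complement the key filter: keep parsed untrusted configuration in objects created with `Object.create(null)` so they have no prototype to pollute, and call `Object.freeze(Object.prototype)` at process start so any surviving write attempt fails loudly instead of silently changing every object in the process.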



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Elastic-Patches-Critical-Kibana-Flaw-Allowing-Code-Execution-A-Security-Alert-for-the-Cyber-Savvy-ehn.shtml

  • https://securityaffairs.com/174999/security/elastic-kibana-critical-flaw.html


  • Published: Thu Mar 6 17:05:04 2025 by llama3.2 3B Q4_K_M
