CVE-2019-7609

CRITICAL KEV NUCLEI LAB

Kibana Timelion Prototype Pollution RCE

Title source: metasploit

Description

Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.

Exploits (17)

nomisec WORKING POC 166 stars
by LandGrey · remote
https://github.com/LandGrey/CVE-2019-7609
nomisec WORKING POC 89 stars
by jas502n · remote
https://github.com/jas502n/kibana-RCE
nomisec WORKING POC 56 stars
by mpgn · remote-auth
https://github.com/mpgn/CVE-2019-7609
nomisec WORKING POC 21 stars
by hekadan · remote
https://github.com/hekadan/CVE-2019-7609
nomisec WORKING POC 4 stars
by Cr4ckC4t · remote
https://github.com/Cr4ckC4t/cve-2019-7609
nomisec WORKING POC 1 stars
by Akshay15-png · remote
https://github.com/Akshay15-png/CVE-2019-7609
nomisec WRITEUP 1 stars
by dnr6419 · poc
https://github.com/dnr6419/CVE-2019-7609
nomisec WORKING POC 1 stars
by rhbb · remote
https://github.com/rhbb/CVE-2019-7609
gitlab WORKING POC
by digipenguin · remote
https://gitlab.com/digipenguin/CVE-2019-7609
nomisec WORKING POC
by toxxxaka · poc
https://github.com/toxxxaka/CVE-2019-7609
nomisec WORKING POC
by toxaker · remote
https://github.com/toxaker/CVE-2019-7609
nomisec WORKING POC
by aleister1102 · remote
https://github.com/aleister1102/kibana-prototype-pollusion
nomisec WORKING POC
by d0x-awrqxavc · poc
https://github.com/d0x-awrqxavc/CVE-2019-7609-KibanaRCE
nomisec WORKING POC
by OliveiraaX · remote
https://github.com/OliveiraaX/CVE-2019-7609-KibanaRCE
nomisec WORKING POC
by wolf1892 · remote
https://github.com/wolf1892/CVE-2019-7609
vulncheck_xdb WORKING POC
remote
https://github.com/CaelumIsMe/CVE-2019-7069-POC
metasploit WORKING POC MANUAL
by h00die, Michał Bentkowski, Gaetan Ferry · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/kibana_timelion_prototype_pollution_rce.rb

Nuclei Templates (1)

Kibana Timelion - Arbitrary Code Execution
CRITICALby dwisiswant0
Shodan: http.title:"kibana"
FOFA: title="kibana"

References (6)

Scores

CVSS v3 10.0
EPSS 0.9443
EPSS Percentile 100.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Lab Environment

COMMUNITY
Community Lab
docker pull docker.elastic.co/elasticsearch/elasticsearch:6.6.0
docker pull docker.elastic.co/kibana/kibana:6.5.4
docker pull elasticsearch:6.5.3
docker pull kibana:6.5.3
docker pull docker.elastic.co/elasticsearch/elasticsearch:6.5.4
+2 more images
+13 more repos

Details

CISA KEV 2022-01-10
VulnCheck KEV 2021-05-07
InTheWild.io 2022-01-10
ENISA EUVD EUVD-2019-17147
CWE
CWE-94
Status published
Products (3)
elastic/kibana < 5.6.15
redhat/openshift_container_platform 3.11
redhat/openshift_container_platform 4.1
Published Mar 25, 2019
KEV Added Jan 10, 2022
Tracked Since Feb 18, 2026