CVE-2019-7610
CRITICALKibana < 5.6.15 - Remote Code Execution via Security Audit Logger
Title source: llmDescription
Kibana versions before 6.6.1 contain an arbitrary code execution flaw in the security audit logger. If a Kibana instance has the setting xpack.security.audit.enabled set to true, an attacker could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_misc
https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077
Vendor Advisory x_refsource_misc
https://www.elastic.co/community/security
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:2860
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHBA-2019:2824
Scores
CVSS v3
9.0
EPSS
0.0106
EPSS Percentile
77.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-94
CWE-77
Status
published
Products (1)
elastic/kibana
< 5.6.15
Published
Mar 25, 2019
Tracked Since
Feb 18, 2026