CVE-2023-31414

HIGH

Kibana 8.0.0-8.7.0 - Authenticated Remote Code Execution via YAML or ENV Configuration

Title source: llm

Description

Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code execution flaw. An attacker with write access to the Kibana YAML or env configuration could add a specific payload that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with the permissions of the Kibana process.

Scores

CVSS v3: 8.8
EPSS: 0.0055
EPSS Percentile: 68.3%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total

Details

CWE: CWE-94
Status: published
Products (1): elastic/kibana 8.0.0 - 8.7.0
Published: May 04, 2023
Tracked Since: Feb 18, 2026