{"containers": {"cna": {"affected": [{"product": "Kibana", "vendor": "Elastic", "versions": [{"status": "affected", "version": "before 6.4.3 and 5.6.13"}]}], "datePublic": "2018-12-20T00:00:00", "descriptions": [{"lang": "en", "value": "Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-73", "description": "CWE-73: External Control of File Name or Path", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-03-13T09:57:01", "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "shortName": "elastic"}, "references": [{"name": "106285", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/106285"}, {"tags": ["x_refsource_MISC"], "url": "https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594"}, {"name": "RHBA-2018:3743", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHBA-2018:3743"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.elastic.co/community/security"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@elastic.co", "ID": "CVE-2018-17246", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Kibana", "version": {"version_data": [{"version_value": "before 6.4.3 and 5.6.13"}]}}]}, "vendor_name": "Elastic"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-73: External Control of File Name or Path"}]}]}, "references": {"reference_data": [{"name": "106285", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106285"}, {"name": "https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594", "refsource": "MISC", "url": "https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594"}, {"name": "RHBA-2018:3743", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2018:3743"}, {"name": "https://www.elastic.co/community/security", "refsource": "CONFIRM", "url": "https://www.elastic.co/community/security"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T10:47:04.056Z"}, "title": "CVE Program Container", "references": [{"name": "106285", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/106285"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594"}, {"name": "RHBA-2018:3743", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHBA-2018:3743"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.elastic.co/community/security"}]}]}, "cveMetadata": {"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "assignerShortName": "elastic", "cveId": "CVE-2018-17246", "datePublished": "2018-12-20T22:00:00", "dateReserved": "2018-09-20T00:00:00", "dateUpdated": "2024-08-05T10:47:04.056Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7E9222F-72D2-4181-9936-6FC7724B99AF", "versionEndExcluding": "5.6.13", "versionStartIncluding": "5.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FD61DF1-4544-4E77-955A-F456D504E6F4", "versionEndExcluding": "6.4.3", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system."}, {"lang": "es", "value": "Kibana, en versiones anteriores a la 6.4.3 y la 5.6.13, contiene un error de inclusi\u00f3n de archivos arbitrarios en el plugin Console. Un atacante con acceso a la API de la consola de Kibana podr\u00eda enviar una petici\u00f3n que intentar\u00e1 ejecutar c\u00f3digo JavaScript. Esto podr\u00eda conducir a que un atacante ejecute comandos arbitrarios con los permisos del proceso Kibana en el sistema host."}], "id": "CVE-2018-17246", "lastModified": "2020-08-14T17:30:58.793", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-12-20T22:29:00.367", "references": [{"source": "bressers@elastic.co", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/106285"}, {"source": "bressers@elastic.co", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHBA-2018:3743"}, {"source": "bressers@elastic.co", "tags": ["Vendor Advisory"], "url": "https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594"}, {"source": "bressers@elastic.co", "tags": ["Vendor Advisory"], "url": "https://www.elastic.co/community/security"}], "sourceIdentifier": "bressers@elastic.co", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-829"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-73"}], "source": "bressers@elastic.co", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-enterprise-service-catalog-1:3.11.51-1.git.1671.2d16650.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-0:3.11.51-1.git.0.1560686.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-cluster-autoscaler-0:3.11.51-1.git.0.0aa9fc2.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-descheduler-0:3.11.51-1.git.300.89070e8.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-dockerregistry-0:3.11.51-1.git.446.d29ce0e.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-metrics-server-0:3.11.51-1.git.52.03e3a91.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-node-problem-detector-0:3.11.51-1.git.254.22189b0.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-service-idler-0:3.11.51-1.git.14.813574a.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-web-console-0:3.11.51-1.git.324.0ae64ed.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "cri-o-0:1.11.10-1.rhaos3.11.git42c86f0.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "golang-github-openshift-oauth-proxy-0:3.11.51-1.git.419.1af74df.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "golang-github-prometheus-alertmanager-0:3.11.51-1.git.0.50a0687.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "golang-github-prometheus-node_exporter-0:3.11.51-1.git.1063.12dd8be.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "golang-github-prometheus-prometheus-0:3.11.51-1.git.5023.0ad933c.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "jenkins-0:2.138.2.1542054911-1.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "jenkins-2-plugins-0:3.11.1542061886-1.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "kibana-0:5.6.13-1.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "openshift-ansible-0:3.11.51-2.git.0.51c90a3.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "openshift-enterprise-autoheal-0:3.11.51-1.git.219.8ea4275.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "openshift-enterprise-cluster-capacity-0:3.11.51-1.git.380.ffa21af.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "openshift-monitor-project-lifecycle-0:3.11.51-1.git.59.7b59e29.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}, {"advisory": "RHBA-2018:3743", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "openshift-monitor-sample-app-0:3.11.51-1.git.5.f6d0188.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2018-12-12T00:00:00Z"}], "bugzilla": {"description": "kibana: Arbitrary file inclusion vulnerability in the Console plugin", "id": "1647344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1647344"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.3", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "status": "verified"}, "cwe": "CWE-20->CWE-73->CWE-470", "details": ["Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.", "Kibana, before 6.4.3 and 5.6.13, contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute JavaScript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system."], "name": "CVE-2018-17246", "package_state": [{"cpe": "cpe:/a:redhat:openshift:3.10", "fix_state": "Not affected", "package_name": "kibana", "product_name": "Red Hat OpenShift Container Platform 3.10"}, {"cpe": "cpe:/a:redhat:openshift:3.2", "fix_state": "Not affected", "package_name": "kibana", "product_name": "Red Hat OpenShift Container Platform 3.2"}, {"cpe": "cpe:/a:redhat:openshift:3.3", "fix_state": "Not affected", "package_name": "kibana", "product_name": "Red Hat OpenShift Container Platform 3.3"}, {"cpe": "cpe:/a:redhat:openshift:3.4", "fix_state": "Not affected", "package_name": "kibana", "product_name": "Red Hat OpenShift Container Platform 3.4"}, {"cpe": "cpe:/a:redhat:openshift:3.5", "fix_state": "Not affected", "package_name": "kibana", "product_name": "Red Hat OpenShift Container Platform 3.5"}, {"cpe": "cpe:/a:redhat:openshift:3.6", "fix_state": "Not affected", "package_name": "kibana", "product_name": "Red Hat OpenShift Container Platform 3.6"}, {"cpe": "cpe:/a:redhat:openshift:3.7", "fix_state": "Not affected", "package_name": "kibana", "product_name": "Red Hat OpenShift Container Platform 3.7"}, {"cpe": "cpe:/a:redhat:openshift:3.9", "fix_state": "Not affected", "package_name": "kibana", "product_name": "Red Hat OpenShift Container Platform 3.9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "kibana", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:3.0", "fix_state": "Not affected", "package_name": "kibana", "product_name": "Red Hat OpenShift Enterprise 3.0"}, {"cpe": "cpe:/a:redhat:openstack-optools:8", "fix_state": "Not affected", "package_name": "kibana", "product_name": "Red Hat OpenStack Platform 8 (Liberty) Operational Tools"}, {"cpe": "cpe:/a:redhat:openstack-optools:9", "fix_state": "Not affected", "package_name": "kibana", "product_name": "Red Hat OpenStack Platform 9 (Mitaka) Operational Tools"}], "public_date": "2018-11-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-17246\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-17246\nhttps://www.elastic.co/community/security"], "threat_severity": "Important", "upstream_fix": "kibana 6.4.3, kibana 5.6.13"}