CVE-2016-1000219
Published: 2017-06-16
Priority P3 · 41 · Severity high · CVSS 3.0 base score 7.5 (AV:N / AC:L / PR:N / UI:N / S:U / C:N / I:H / A:N)
EPSS: 2.04% (78.7th percentile)
Kibana before 4.5.4 and 4.1.11: when a custom output is configured for logging, cookies and authorization headers could be written to the log files. This information could be used to hijack the sessions of other users when Kibana is run behind some form of authentication, such as Shield. Fixed in 4.1.11 and 4.5.4.
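The following is an added example, not Kibana's own code and not part of the original advisory. It shows the vulnerable pattern the description refers to (serialising a request object, headers included, straight into a log line), a redaction helper that strips Cookie/Authorization-class headers before the log sink sees them, and a scanner that can be run over existing log files to find session material that has already been written (useful since the page lists no detection rules for this CVE). The log-line format, field names and sample values are constructed for the example and are not a claim about Kibana 4.x's exact log layout.

```javascript
// Added example (not Kibana's code). Demonstrates, for CVE-2016-1000219:
//  (1) the unsafe pattern: logging a request object with all its headers,
//  (2) a redaction helper that removes credential-bearing headers first,
//  (3) a scanner that finds leaked headers in log files already on disk.
// Log-line layout, field names and values below are constructed for the
// example; they are assumptions, not Kibana 4.x's actual log format.

// Header names that carry bearer credentials or session identifiers.
const SENSITIVE_HEADERS = new Set([
  'cookie',
  'set-cookie',
  'authorization',
  'proxy-authorization',
]);

// Vulnerable pattern: headers are serialised verbatim, cookie and auth included.
function formatRequestForLogUnsafe(req) {
  return JSON.stringify({ method: req.method, url: req.url, headers: req.headers });
}

// Hardened pattern: copy the headers, replacing credential-bearing values.
// Header names are matched case-insensitively (HTTP header names are).
function redactSensitiveHeaders(headers) {
  const out = {};
  for (const [name, value] of Object.entries(headers || {})) {
    out[name] = SENSITIVE_HEADERS.has(name.toLowerCase()) ? '[REDACTED]' : value;
  }
  return out;
}

function formatRequestForLog(req) {
  return JSON.stringify({
    method: req.method,
    url: req.url,
    headers: redactSensitiveHeaders(req.headers),
  });
}

// Detection: scan one log line for leaked header values.
// JSON lines are parsed and walked recursively; anything else gets a
// plain-text regex fallback for "cookie: ..." / "authorization: ..." fragments.
function scanLogLine(line) {
  const findings = [];
  let parsed = null;
  try { parsed = JSON.parse(line); } catch (e) { parsed = null; }
  if (parsed && typeof parsed === 'object') {
    const walk = (obj, path) => {
      for (const [k, v] of Object.entries(obj)) {
        const here = path ? `${path}.${k}` : k;
        if (v && typeof v === 'object') {
          walk(v, here);
        } else if (SENSITIVE_HEADERS.has(k.toLowerCase()) && v !== '[REDACTED]') {
          findings.push({ header: k.toLowerCase(), path: here });
        }
      }
    };
    walk(parsed, '');
    return findings;
  }
  const re = /\b(cookie|set-cookie|authorization|proxy-authorization)\s*[:=]\s*(?!\[REDACTED\])\S+/gi;
  let m;
  while ((m = re.exec(line)) !== null) {
    findings.push({ header: m[1].toLowerCase(), path: null });
  }
  return findings;
}

// Returns one entry per log line that contains at least one leaked header.
function scanLog(text) {
  return text.split('\n')
    .map((line, i) => ({ lineNo: i + 1, findings: scanLogLine(line) }))
    .filter(r => r.findings.length > 0);
}

// Constructed sample request and log lines (not real Kibana output).
const SAMPLE_REQ = {
  method: 'GET',
  url: '/app/kibana',
  headers: {
    Host: 'kibana.example.internal',
    Cookie: 'shield_session=c0ffeec0ffee',
    Authorization: 'Basic dXNlcjpwYXNz',
    'User-Agent': 'curl/7.50',
  },
};

const SAMPLE_LOG = [
  '{"type":"response","method":"get","req":{"url":"/app/kibana","headers":{"host":"kibana.example.internal","cookie":"shield_session=c0ffeec0ffee"}}}',
  '{"type":"response","method":"get","req":{"url":"/api/status","headers":{"host":"kibana.example.internal","cookie":"[REDACTED]"}}}',
  'request GET /elasticsearch/_msearch authorization: Basic dXNlcjpwYXNz',
  '{"type":"log","tags":["info","listening"],"message":"Server running at http://0.0.0.0:5601"}',
].join('\n');

if (typeof require !== 'undefined' && require.main === module) {
  console.log('unsafe  :', formatRequestForLogUnsafe(SAMPLE_REQ));
  console.log('redacted:', formatRequestForLog(SAMPLE_REQ));
  console.log('leaks   :', JSON.stringify(scanLog(SAMPLE_LOG)));
}
```

Run with node: the scanner reports the line number and, for JSON lines, the path of each leaked header. When checking a real deployment, feed scanLog the file your custom logging output writes to and anything downstream of it (log shippers, central log stores), and treat every session cookie or Authorization value found there as compromised: revoke those sessions and rotate the credentials before relying on the upgrade to 4.1.11 / 4.5.4 alone.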
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | kibana | >= 4.1.0 < 4.1.11 | 4.1.11 |
| elastic | kibana | >= 4.5.0 < 4.5.4 | 4.5.4 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.0 | 7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
| NVD | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
| Red Hat (vendor) | | 7.5 | HIGH | |
The NVD vectors treat the flaw as network-reachable with no privileges required; in practice an attacker first needs read access to the Kibana log file, or to wherever the custom log output is shipped, before the logged cookies and Authorization headers can be replayed against other users' sessions.
GHSA
GHSA-q36m-wm9g-699v: Kibana before 4
ghsa_unreviewed · 2022-05-13 · CVE-2016-1000219 [HIGH] · CWE-285
GHSA tags the flaw as CWE-285 (improper authorization); Red Hat's record below uses CWE-532 (insertion of sensitive information into a log file), which matches the mechanism described.
Red Hat
kibana: Session hijack via stealing cookies and auth headers from log (ESA-2016-04)
vendor_redhat · 2016-08-03 · CVSS 7.5 · CVE-2016-1000219 [HIGH] · CWE-532
A flaw was found in Kibana's logging functionality. If a custom logging output was configured in Kibana, private user data could be written to the Kibana log files. An attacker who can read those log files could use this data to hijack the sessions of other users when Kibana is run behind some form of authentication such as Shield.
Package: kibana (Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Operational Tools) - Will not fix
Package: kibana (Red
No detection rules found.
No public exploits indexed.