CVE-2017-8443: Use of GET Request Method With Sensitive Query Strings in Kibana

Severity
6.5 MEDIUM (NVD)
EPSS
0.4% (top 42.26%)
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Jun 30 (2017)
Latest update: May 13 (2022)

Description

In Kibana X-Pack security versions prior to 5.4.3, if a Kibana user opens a crafted Kibana URL, the result can be a redirect to an improperly initialized Kibana login screen. If the user enters credentials on this screen, the credentials are submitted in the query string and appear in the URL bar. The credentials can then be viewed by untrusted parties (browser history, Referer headers, anyone looking over the user's shoulder) or recorded in the Kibana access logs.
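As an added example, not code from Kibana, Elastic, or this page: detection logic for the failure mode described above. It scans access-log lines for login requests that carried credentials in the query string (the CWE-598 pattern this CVE is classified under) and redacts the values before the finding is stored, so the alert itself does not re-leak the password. The log lines, the `/login` path, and the list of sensitive parameter names are constructed for illustration and are not taken from a real Kibana deployment.

```javascript
// Added example, not Kibana or Elastic code: find login requests whose
// credentials ended up in the query string (CWE-598, the failure mode of
// CVE-2017-8443) by scanning access-log lines, then redact the values so
// the finding can be stored without re-leaking the secret.

// Parameter names treated as sensitive (assumption; extend to fit your app).
const SENSITIVE_PARAMS = new Set(['password', 'passwd', 'pwd', 'pass', 'secret', 'token']);

// Combined/common log format: client, [time], "METHOD path HTTP/x", status.
const LINE_RE = /^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) \S+" (\d{3})/;

// Constructed sample log lines (not from a real Kibana deployment).
const SAMPLE_LOG = [
  '10.0.0.5 - - [30/Jun/2017:10:15:01 +0000] "GET /login?next=%2Fapp%2Fkibana HTTP/1.1" 200 1234',
  '10.0.0.5 - - [30/Jun/2017:10:15:09 +0000] "GET /login?username=alice&password=Sup3rS3cret HTTP/1.1" 302 0',
  '10.0.0.7 - - [30/Jun/2017:10:16:00 +0000] "POST /login HTTP/1.1" 204 0',
  'garbage line that does not parse',
].join('\n');

function parseAccessLine(line) {
  const m = LINE_RE.exec(line);
  if (!m) return null;
  return { client: m[1], time: m[2], method: m[3], path: m[4], status: Number(m[5]) };
}

// Split a request path into its base path and parsed query parameters.
function splitQuery(path) {
  const q = path.indexOf('?');
  if (q === -1) return { base: path, params: null };
  return { base: path.slice(0, q), params: new URLSearchParams(path.slice(q + 1)) };
}

// Names of sensitive parameters present in the query string of `path`.
function leakedParams(path) {
  const { params } = splitQuery(path);
  if (!params) return [];
  const names = [...new Set(params.keys())];   // dedupe repeated keys
  return names.filter((k) => SENSITIVE_PARAMS.has(k.toLowerCase()));
}

// Same path with sensitive values replaced, so the alert itself is safe to log.
function redactQuery(path) {
  const { base, params } = splitQuery(path);
  if (!params) return path;
  for (const k of [...params.keys()]) {
    if (SENSITIVE_PARAMS.has(k.toLowerCase())) params.set(k, 'REDACTED');
  }
  return `${base}?${params.toString()}`;
}

// Scan a whole log and return one finding per request that leaked credentials.
function findCredentialLeaks(logText) {
  const findings = [];
  for (const line of logText.split('\n')) {
    const rec = parseAccessLine(line);
    if (!rec) continue;                 // skip unparseable lines instead of crashing
    const leaked = leakedParams(rec.path);
    if (leaked.length === 0) continue;
    findings.push({
      client: rec.client,
      time: rec.time,
      method: rec.method,               // GET here is the CWE-598 signature
      leaked,
      path: redactQuery(rec.path),      // never store the raw secret in the alert
    });
  }
  return findings;
}

// Stand-alone run: print the findings for the constructed log.
console.log(JSON.stringify(findCredentialLeaks(SAMPLE_LOG), null, 2));
```

Run it with `node` against a real access log by replacing `SAMPLE_LOG` with the file contents; the same `redactQuery` helper is what you would apply to the access-log line at write time if you cannot upgrade immediately, since the secret is already in the URL by the time the server sees it.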

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Exploitability: 2.8 | Impact: 3.6

Affected Packages (2 packages)

CVEList V5: elastic/kibana_x-pack_security, before 5.4.3
NVD: elastic/kibana 5.4.2

🔴 Vulnerability Details (2)

GHSA: GHSA-8379-8jj9-c2jj, "In Kibana X-Pack security versions prior to 5…" (2022-05-13)
CVEList: CVE-2017-8443, "In Kibana X-Pack security versions prior to 5…" (2017-06-30)

💥 Exploits & PoCs (1)

Exploit-DB: HP Intelligent Management - Java Deserialization Remote Code Execution (Metasploit) (2018-12-04)

Note: this entry concerns HP Intelligent Management Center and a Java deserialization RCE, not Kibana or credential disclosure, and it contradicts the "No known exploits" status above. Treat it as a mis-linked aggregator record rather than a PoC for CVE-2017-8443.

📋 Vendor Advisories (1)

Red Hat: kibana: Crafted URLs can be used to trick users into disclosing their password (2017-06-30)

💬 Community (1)

Bugzilla: CVE-2017-8443 kibana: Crafted URLs can be used to trick users into disclosing their password (2018-01-11)
CVE-2017-8443 — Elastic Kibana vulnerability | cvebase