CVE-2018-3819
Published 2018-03-30
Priority: P4 · 23 · medium · 6.1 (CVSS 3.0)
Vector: AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N
EPSS: 0.85% (53.6th percentile)
The fix in Kibana for ESA-2017-23 was incomplete. With X-Pack security enabled, Kibana versions before 6.1.3 and 5.6.7 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.
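As an added illustration of the CWE-601 class described above (this is not Kibana's code and not the fix Elastic shipped), the following Node.js snippet shows how a login handler can validate a post-login redirect target: a naive prefix check of the kind that is easy to get wrong is placed beside a hardened same-origin check that uses the WHATWG URL parser. The function names `naiveIsLocal`, `safeRedirectTarget` and `compareChecks`, the origin `https://kibana.example`, and every sample input are assumptions constructed for the example.

```javascript
// Added example, not code from Kibana or Elastic: validating a post-login
// redirect target so the login page cannot act as an open redirect (CWE-601).
// The hypothetical login handler reads a `next` query parameter; the app origin
// https://kibana.example and all sample inputs below are constructed.

// Naive check, written here to show a prefix test that looks sufficient but is
// not: it accepts "//evil.example" and "/\evil.example", which browsers resolve
// as protocol-relative URLs pointing at another host.
function naiveIsLocal(next) {
  return typeof next === 'string' && next.startsWith('/');
}

// Hardened check: resolve the candidate against the application's own origin
// with the WHATWG URL parser (the same rules a browser applies), accept it only
// if the result keeps that origin and an http(s) scheme, and return just the
// path/query/fragment so the Location header can never name another host.
function safeRedirectTarget(next, appOrigin, fallback = '/') {
  if (typeof next !== 'string' || next.length === 0) return fallback;
  let base;
  let resolved;
  try {
    base = new URL(appOrigin);
    resolved = new URL(next, base);
  } catch (err) {
    return fallback; // unparseable input never becomes a redirect
  }
  if (resolved.protocol !== 'http:' && resolved.protocol !== 'https:') {
    return fallback; // blocks javascript:, data:, file: and similar schemes
  }
  if (resolved.origin !== base.origin) {
    return fallback; // blocks other hosts, other ports, and scheme downgrades
  }
  return resolved.pathname + resolved.search + resolved.hash;
}

// Constructed sample values a `next` parameter might carry.
const APP_ORIGIN = 'https://kibana.example';
const SAMPLES = [
  '/app/kibana#/dashboard',                // legitimate deep link
  'https://kibana.example/app/home?x=1',   // absolute URL to our own origin
  '//evil.example/phish',                  // protocol-relative: another host
  '/\\evil.example/phish',                 // backslash variant of the same
  'https://kibana.example@evil.example/',  // userinfo trick: host is evil.example
  'javascript:alert(1)',                   // non-http scheme
  'http://kibana.example/app/home',        // scheme downgrade
];

// Runs both checks over the samples and returns the comparison as data.
function compareChecks(samples = SAMPLES, appOrigin = APP_ORIGIN) {
  return samples.map((input) => ({
    input,
    naiveAccepts: naiveIsLocal(input),
    hardened: safeRedirectTarget(input, appOrigin),
  }));
}

function main() {
  for (const row of compareChecks()) {
    const naive = row.naiveAccepts ? 'accept' : 'reject';
    console.log(`${row.input.padEnd(40)} naive=${naive.padEnd(6)} hardened=${row.hardened}`);
  }
}

main();
```

The hardened check deliberately returns only the path portion even when the input was an absolute URL to the application's own origin, so a redirect can never carry a foreign host, and it rejects an `http://` target for an `https://` application because the origin comparison includes the scheme.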
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | kibana | < 5.6.7 | 5.6.7 |
| elastic | kibana | — | — |
| elastic | kibana | >= 6.0.0 < 6.1.3 | 6.1.3 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 6.1 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| nvd | 2.0 | 5.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |
| vendor_redhat | — | 6.1 | MEDIUM | — |
GHSA
GHSA-p999-w4h4-238v: The fix in Kibana for ESA-2017-23 was incomplete
ghsa_unreviewed · 2022-05-13 · CVE-2018-3819 [MEDIUM] · CWE-601
Red Hat
kibana: open redirect on the login page
vendor_redhat · 2018-01-30 · CVSS 6.1 · CVE-2018-3819 [MEDIUM] · CWE-601
Statement: This issue affects the versions of kibana as shipped with Red Hat OpenShift Enterprise Linux. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Package: kibana (Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Operational Tools) - Not affected
Package: kibana (Red Hat OpenSh
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-9516 kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c
bugzilla · 2018-09-19 · CVSS 7.8 · CVE-2018-9516 [HIGH]
A flaw was found in the Linux kernel in the hid_debug_events_read() function in the drivers/hid/hid-debug.c file. A lack of certain checks may allow a privileged user ("root") to achieve an out-of-bounds write and thereby corrupt a userspace buffer.
An upstream patch:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=717adfdaf14704fd3ec7fa2c04520c0723247eac
Note: this fix introduces another vulnerability, CVE-2019-3819 (bz1669187); both should be fixed.
Discussion:
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1631037]
---
This was fixed for Fedora with 4.17.6 stable updates
---
This issue has been addressed
Bugzilla
CVE-2018-3819 kibana: open redirect on the login page
bugzilla · 2018-03-06 · CVSS 6.1 · CVE-2018-3819 [MEDIUM]
A flaw was found in Kibana versions before 6.1.3 and 5.6.7. The fix in Kibana for ESA-2017-23 was incomplete. With X-Pack security enabled, there is an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.
References:
https://www.elastic.co/community/security
Discussion:
Not a bug. Openshift does not ship xpack as part of the kibana image.
---
(In reply to Jeff Cantrill from comment #4)
> Not a bug. Openshift does not ship xpack as part of the kibana image.
Sorry, not sure what the needinfo is for?
As far as security trackers go, the low/moderate are largely up to the product team to fix if they want to, or if they catch it on a rebase due to a later u