CVE-2021-37938: Improper Privilege Management in Kibana

Severity: 4.3 MEDIUM (NVD)
EPSS: 0.2% (top 61.91%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products: see Affected Packages below
Timeline: Published Nov 18; latest update Nov 19

Description

It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files ending in the .pbf extension. Thanks to Dominic Couture for finding this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 | Impact: 1.4

Affected Packages (2 packages)

Source | Package | Affected versions
NVD | elastic/kibana | 7.9.0 to 7.15.2
CVEListV5 | elastic/kibana | All versions from 7.9.0 through 7.15.1

Vulnerability Details (2)

GHSA: GHSA-pfm6-x9q4-rphr (2021-11-19): It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would load
CVEList: CVE-2021-37938 (2021-11-18): It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would load
CVE-2021-37938 — Improper Privilege Management | cvebase