CVE-2022-23709
Published: 2022-03-03
Priority: P4 20 | Severity: medium | CVSS 3.1 base score: 4.3
CVSS 3.1 vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS: 0.53% (40.8th percentile)
A flaw was discovered in Kibana in which users with Read access to the Uptime feature could modify alerting rules. A user with this privilege would be able to create new alerting rules or overwrite existing ones. However, any new or modified rules would not be enabled, and a user with this privilege could not modify alerting connectors. This effectively means that Read users could disable existing alerting rules.
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | kibana | — | — |
| elastic | kibana | — | — |
| elastic | kibana | >= 7.7.0 < 7.17.1 | 7.17.1 |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
| nvd | v2.0 | 4.0 | MEDIUM | AV:N/AC:L/Au:S/C:N/I:P/A:N |
| vendor_redhat | — | 4.3 | MEDIUM | — |
GHSA
GHSA-6mp6-6x9r-hvp3: A flaw was discovered in Kibana in which users with Read access to the Uptime feature could modify alerting rules
Source: ghsa_unreviewed · 2022-03-04 · Severity: MEDIUM · CWE-862
Red Hat
kibana: missing authorization issue (ESA-2022-03)
Source: vendor_redhat · 2022-02-28 · CVSS 4.3 · Severity: MEDIUM · CWE-862
A flaw was found in Kibana. This issue allows users with read access to the Uptime feature to modify alerting rules, allowing them to create new or overwrite existing ones. However, any rules created this way are not enabled by default and allow the user to disable an existing, enabled alert rule.
Package: openshift-logging/elas
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2022-03-03