Kibana 8.6.3 < 8.14 (ESA-2024-15)

Medium severity, Nessus Plugin ID 200799

Synopsis

The remote host is missing a security update.

Description

The version of Kibana installed on the remote host is between 8.6.3 and 8.13.4. It is, therefore, affected by a vulnerability as referenced in the ESA-2024-15 advisory.

- A flaw was discovered in Kibana that allows view-only users of alerting to use the run_soon API, making the alerting rule run continuously. This can affect system availability if the alerting rule is running complex queries.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Kibana version 8.14.0 or later.

See Also

http://www.nessus.org/u?abb7eaae

Plugin Details

Severity: Medium

ID: 200799

File Name: kibana_ESA-2024-15.nasl

Version: 1.3

Type: remote

Family: CGI abuses

Published: 6/21/2024

Updated: 8/16/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS Score Source: CVE-2024-37279

CVSS v3

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:elasticsearch:kibana

Required KB Items: installed_sw/Kibana

Exploit Ease: No known exploits are available

Patch Publication Date: 6/5/2024

Vulnerability Publication Date: 6/13/2024

Reference Information

CVE: CVE-2024-37279

IAVB: 2024-B-0080-S