Описание
Missing Authorization (CWE-862) in Kibana’s server-side Detection Rule Management can lead to Unauthorized Endpoint Response Action Configuration (host isolation, process termination, and process suspension) via CAPEC-1 (Accessing Functionality Not Properly Constrained by ACLs). This requires an authenticated attacker with rule management privileges.
A flaw was found in Kibana. An authenticated attacker with rule management privileges could exploit a missing authorization vulnerability in the server-side Detection Rule Management. This allows the attacker to configure unauthorized endpoint response actions, such as host isolation, process termination, and process suspension. This could lead to a denial of service or impact on system integrity.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Logging Subsystem for Red Hat OpenShift | openshift-logging/kibana6-rhel8 | Not affected |
Показывать по
Дополнительная информация
Статус:
6.5 Medium
CVSS3
Связанные уязвимости
Missing Authorization (CWE-862) in Kibana’s server-side Detection Rule Management can lead to Unauthorized Endpoint Response Action Configuration (host isolation, process termination, and process suspension) via CAPEC-1 (Accessing Functionality Not Properly Constrained by ACLs). This requires an authenticated attacker with rule management privileges.
Missing Authorization (CWE-862) in Kibana\u2019s server-side Detection ...
Missing Authorization (CWE-862) in Kibana’s server-side Detection Rule Management can lead to Unauthorized Endpoint Response Action Configuration (host isolation, process termination, and process suspension) via CAPEC-1 (Accessing Functionality Not Properly Constrained by ACLs). This requires an authenticated attacker with rule management privileges.
6.5 Medium
CVSS3