CVE-2022-23711

A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance is not required to view the exposed information. The Elastic Stack monitoring exposure only impacts users that have set any of the optional monitoring.ui.elasticsearch.* settings in order to configure Kibana as a remote UI for Elastic Stack Monitoring. The same vulnerability in Kibana could expose other non-sensitive application-internal information in the page source.

CVSS v3 5.3 MEDIUM
CVSS v2.0 5.0 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://discuss.elastic.co/t/kibana-7-17-3-and-8-1-3-security-update/302826	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:elastic:kibana::::::::
	cpe:2.3:a:elastic:kibana::::::::

History

No history.

Information

Published : 2022-04-21 19:15

Updated : 2022-05-03 19:04

NVD link : CVE-2022-23711

Mitre link : CVE-2022-23711

CVE.ORG link : CVE-2022-23711

JSON object : View

Products Affected

elastic

kibana

CWE

NVD-CWE-noinfo CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2022-23711", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2022-04-21T19:15:08.947", "references": [{"url": "https://discuss.elastic.co/t/kibana-7-17-3-and-8-1-3-security-update/302826", "tags": ["Vendor Advisory"], "source": "bressers@elastic.co"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "bressers@elastic.co", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance is not required to view the exposed information. The Elastic Stack monitoring exposure only impacts users that have set any of the optional monitoring.ui.elasticsearch.* settings in order to configure Kibana as a remote UI for Elastic Stack Monitoring. The same vulnerability in Kibana could expose other non-sensitive application-internal information in the page source."}, {"lang": "es", "value": "Una vulnerabilidad en Kibana podr\u00eda exponer informaci\u00f3n confidencial relacionada con la monitorizaci\u00f3n de Elastic Stack en la fuente de la p\u00e1gina de Kibana. Las funciones de monitorizaci\u00f3n de Elastic Stack proporcionan una forma de mantener el pulso de la salud y el rendimiento de su cl\u00faster de Elasticsearch. La autenticaci\u00f3n con una instancia vulnerable de Kibana no es necesaria para visualizar la informaci\u00f3n expuesta. La exposici\u00f3n de la monitorizaci\u00f3n de Elastic Stack s\u00f3lo afecta a usuarios que han establecido cualquiera de los ajustes opcionales de monitoring.ui.elasticsearch.* para configurar Kibana como una interfaz de usuario remota para la monitorizaci\u00f3n de Elastic Stack. La misma vulnerabilidad en Kibana podr\u00eda exponer otra informaci\u00f3n no confidencial interna de la aplicaci\u00f3n en la fuente de la p\u00e1gina"}], "lastModified": "2022-05-03T19:04:04.593", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFF9E48A-DC9E-4765-BD96-BB3712DA01C4", "versionEndExcluding": "7.17.3", "versionStartIncluding": "7.2.1"}, {"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18EDFBD1-B667-4568-B33A-D712553078A5", "versionEndExcluding": "8.1.3", "versionStartIncluding": "8.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "bressers@elastic.co"}