
CVE-2021-22150 Kibana code execution issue

2023-11-22 00:30:56
CWE-94
elastic
www.cve.org
kibana
code execution
insecure loading
malicious package
js-yaml
library
cve-2021-22150
fleet admin permissions
attacker
server

6.6 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

0.0005 Low

EPSS

Percentile

17.8%

It was discovered that a user with Fleet admin permissions could upload a malicious package. Due to using an older version of the js-yaml library, this package would be loaded in an insecure manner, allowing an attacker to execute commands on the Kibana server.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Kibana",
    "vendor": "Elastic",
    "versions": [
      {
        "lessThan": "7.14.0",
        "status": "affected",
        "version": "7.10.2",
        "versionType": "semver"
      }
    ]
  }
]
