fkie_cve-2019-13423
Vulnerability from fkie_nvd
Published
2019-08-23 14:15
Modified
2024-11-21 04:24
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a) Kibana is configured to use Single-Sign-On as authentication method, one of Kerberos, JWT, Proxy, Client certificate. b) The kibanaserver user is configured to use HTTP Basic as the authentication method. c) Search Guard is configured to use an SSO authentication domain and HTTP Basic at the same time
References
security@search-guard.comhttps://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12Vendor Advisory
security@search-guard.comhttps://search-guard.com/cve-advisory/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://search-guard.com/cve-advisory/Vendor Advisory
Impacted products
Vendor Product Version
search-guard search_guard *
search-guard search_guard *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:search-guard:search_guard:*:*:*:*:*:kibana:*:*",
              "matchCriteriaId": "902DAA8C-944C-4A60-AC8E-EA16E5E8D49F",
              "versionEndExcluding": "5.6.8-7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:search-guard:search_guard:*:*:*:*:*:kibana:*:*",
              "matchCriteriaId": "14FB43F9-4F47-467A-A83E-A6B99D8E1768",
              "versionEndExcluding": "6.2.3-12",
              "versionStartIncluding": "6.1.0-8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a) Kibana is configured to use Single-Sign-On as authentication method, one of Kerberos, JWT, Proxy, Client certificate. b) The kibanaserver user is configured to use HTTP Basic as the authentication method. c) Search Guard is configured to use an SSO authentication domain and HTTP Basic at the same time"
    },
    {
      "lang": "es",
      "value": "Las versiones de Search Guard Kibana Plugin anteriores a 5.6.8-7 y anteriores a 6.xy-12 ten\u00edan el problema de que un usuario autenticado de Kibana pod\u00eda hacerse pasar por usuario de kibanaserver al proporcionar credenciales incorrectas cuando todas las siguientes condiciones ac son verdaderas: a) Kibana est\u00e1 configurado utilizar Single-Sign-On como m\u00e9todo de autenticaci\u00f3n, uno de Kerberos, JWT, Proxy, Certificado de cliente. b) El usuario de kibanaserver est\u00e1 configurado para usar HTTP Basic como m\u00e9todo de autenticaci\u00f3n. c) Search Guard est\u00e1 configurado para usar un dominio de autenticaci\u00f3n SSO y HTTP Basic al mismo tiempo"
    }
  ],
  "id": "CVE-2019-13423",
  "lastModified": "2024-11-21T04:24:54.890",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-08-23T14:15:11.607",
  "references": [
    {
      "source": "security@search-guard.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12"
    },
    {
      "source": "security@search-guard.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://search-guard.com/cve-advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://search-guard.com/cve-advisory/"
    }
  ],
  "sourceIdentifier": "security@search-guard.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "security@search-guard.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.