Elastic.Kibana.Timelion.Code.Injection

description-logoDescription

This indicates an attack attempt to exploit a Code Injection Vulnerability in Elastic Kibana.
A remote, authenticated attacker could exploit this vulnerability by sending a crafted request to the affected application. Successful exploitation could result in the execution of arbitrary code on the target server.

affected-products-logoAffected Products

Elastic Kibana 5.x prior to 5.6.15
Elastic Kibana 6.x prior to 6.6.1

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-02-04 15.770 Default_action:pass:drop
2020-01-07 15.753