Elastic Stack: Buffer overflow allows code smuggling in Kibana component


Kibana, part of the Elastic Stack, suffers from a security flaw that allows code smuggling (injection of attacker-controlled code). The developers announced this in a security advisory. The culprit is a buffer overflow in Chrome, which allowed attackers to inject their own commands using a crafted HTML page. A “headless” version of Chromium, i.e. one without a graphical user interface, is bundled with Kibana and introduced the security hole there.


However, not all Kibana installations are affected by the vulnerability with CVE ID CVE-2023-7024 and a critical severity score of 9.9/10 CVSS points. It primarily impacts customer-managed instances on CentOS, Debian and RHEL, provided the Chromium sandbox is disabled as recommended in the Elastic documentation.

Attackers can also inject code into Kibana Docker instances and the SaaS solution Elastic Cloud; however, the impact there is already limited by security measures such as AppArmor and seccomp-bpf. The same applies to Elastic Cloud on Kubernetes, provided the cluster supports the use of seccomp-bpf (from Kubernetes 1.19).

Elastic recommends that administrators running Kibana versions 7.17.17 or lower, or 8.12.0 or lower, move to version 7.17.18 or 8.12.1 respectively, which resolve the issue, as soon as possible. If you can’t upgrade, you should temporarily deactivate the reporting module in Kibana – the Elastic security advisory explains how to do this.
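As an added example (not code from the article, nor Elastic's own tooling), a small Python triage helper that applies the version ranges above and then checks whether the reporting module has been switched off. The kibana.yml key `xpack.reporting.enabled` is an assumption drawn from Kibana's reporting settings, not something this article states; verify it against the advisory before relying on it.

```python
"""Triage helper for CVE-2023-7024 in Kibana (added example, not Elastic's code).

Fixed releases named in the article: 7.17.18 and 8.12.1. A 7.x version below
7.17.18 or an 8.x version below 8.12.1 therefore falls in the affected range.
The reporting kill switch is ASSUMED to be `xpack.reporting.enabled: false`
in kibana.yml; confirm the key against Elastic's advisory.
"""
import re

# major -> first fixed release in that line
FIXED = {7: (7, 17, 18), 8: (8, 12, 1)}


def parse_version(text):
    """Turn '8.12.0' or 'v7.17.17-SNAPSHOT' into an int tuple; None if unparsable."""
    m = re.match(r"^\s*v?(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(x) for x in m.groups()) if m else None


def is_vulnerable_version(text):
    """True/False for 7.x and 8.x; None when the major is outside the advisory's range."""
    v = parse_version(text)
    if v is None:
        raise ValueError(f"unrecognised Kibana version: {text!r}")
    fixed = FIXED.get(v[0])
    if fixed is None:
        return None  # e.g. 6.x: not assessed by the advisory, do not call it safe
    return v < fixed  # tuple comparison: (8, 12, 0) < (8, 12, 1)


def reporting_disabled(kibana_yml):
    """True when the assumed mitigation key is explicitly set to false."""
    m = re.search(r"^\s*xpack\.reporting\.enabled\s*:\s*(\w+)", kibana_yml, re.M)
    return bool(m) and m.group(1).lower() == "false"


def triage(version, kibana_yml):
    """'patched', 'mitigated', 'exposed' or 'unassessed' for one Kibana node."""
    vulnerable = is_vulnerable_version(version)
    if vulnerable is None:
        return "unassessed"
    if not vulnerable:
        return "patched"
    return "mitigated" if reporting_disabled(kibana_yml) else "exposed"


if __name__ == "__main__":
    # constructed sample config, not taken from a real deployment
    sample_yml = "server.port: 5601\nxpack.reporting.enabled: false\n"
    for ver in ("7.17.17", "8.12.0", "8.12.1"):
        print(ver, triage(ver, sample_yml))
```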

The update to version 8.12.1 also fixes another security hole that exists in all 8.x versions and, under certain conditions, grants users excessive permissions. The flaw with CVE ID CVE-2024-23446 and a CVSS score of 6.5 is rated as medium risk.


Elastic offers a collection of tools for real-time analysis and data visualization that serves as the underpinning for products such as the SIEM Wazuh. In a dispute with Amazon, the company abandoned the open source licensing model a few years ago and has since offered the software stack under a non-free license.

(cku)
