CVE-2022-23711 - Vulnerability Details - OpenCVE

A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance is not required to view the exposed information. The Elastic Stack monitoring exposure only impacts users that have set any of the optional monitoring.ui.elasticsearch.* settings in order to configure Kibana as a remote UI for Elastic Stack Monitoring. The same vulnerability in Kibana could expose other non-sensitive application-internal information in the page source.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Elastic	Kibana

Configuration 1 [-]

OR	cpe:2.3:a:elastic:kibana::::::::
	cpe:2.3:a:elastic:kibana::::::::

No data.

References

Link	Providers
https://discuss.elastic.co/t/kibana-7-17-3-and-8-1-3-security-update/302826
https://nvd.nist.gov/vuln/detail/CVE-2022-23711
https://www.cve.org/CVERecord?id=CVE-2022-23711

History

No history.

MITRE

Status: PUBLISHED

Assigner: elastic

Published: 2022-04-21T18:22:58

Updated: 2024-08-03T03:51:45.563Z

Reserved: 2022-01-19T00:00:00

Link: CVE-2022-23711

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-04-21T19:15:08.947

Modified: 2024-11-21T06:49:09.447

Link: CVE-2022-23711

Redhat

Severity : Important

Publid Date: 2022-04-20T00:00:00Z

Links: CVE-2022-23711 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "kibana", "vendor": "Elastic", "versions": [{"status": "affected", "version": "Versions 7.2.1 through 7.17.2 & 8.0.0 through 8.1.2"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance is not required to view the exposed information. The Elastic Stack monitoring exposure only impacts users that have set any of the optional monitoring.ui.elasticsearch.* settings in order to configure Kibana as a remote UI for Elastic Stack Monitoring. The same vulnerability in Kibana could expose other non-sensitive application-internal information in the page source."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-04-21T18:22:58", "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "shortName": "elastic"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://discuss.elastic.co/t/kibana-7-17-3-and-8-1-3-security-update/302826"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@elastic.co", "ID": "CVE-2022-23711", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "kibana", "version": {"version_data": [{"version_value": "Versions 7.2.1 through 7.17.2 & 8.0.0 through 8.1.2"}]}}]}, "vendor_name": "Elastic"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance is not required to view the exposed information. The Elastic Stack monitoring exposure only impacts users that have set any of the optional monitoring.ui.elasticsearch.* settings in order to configure Kibana as a remote UI for Elastic Stack Monitoring. The same vulnerability in Kibana could expose other non-sensitive application-internal information in the page source."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200"}]}]}, "references": {"reference_data": [{"name": "https://discuss.elastic.co/t/kibana-7-17-3-and-8-1-3-security-update/302826", "refsource": "MISC", "url": "https://discuss.elastic.co/t/kibana-7-17-3-and-8-1-3-security-update/302826"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:51:45.563Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://discuss.elastic.co/t/kibana-7-17-3-and-8-1-3-security-update/302826"}]}]}, "cveMetadata": {"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "assignerShortName": "elastic", "cveId": "CVE-2022-23711", "datePublished": "2022-04-21T18:22:58", "dateReserved": "2022-01-19T00:00:00", "dateUpdated": "2024-08-03T03:51:45.563Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "matchCriteriaId": "CFF9E48A-DC9E-4765-BD96-BB3712DA01C4", "versionEndExcluding": "7.17.3", "versionStartIncluding": "7.2.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "matchCriteriaId": "18EDFBD1-B667-4568-B33A-D712553078A5", "versionEndExcluding": "8.1.3", "versionStartIncluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance is not required to view the exposed information. The Elastic Stack monitoring exposure only impacts users that have set any of the optional monitoring.ui.elasticsearch.* settings in order to configure Kibana as a remote UI for Elastic Stack Monitoring. The same vulnerability in Kibana could expose other non-sensitive application-internal information in the page source."}, {"lang": "es", "value": "Una vulnerabilidad en Kibana podr\u00eda exponer informaci\u00f3n confidencial relacionada con la monitorizaci\u00f3n de Elastic Stack en la fuente de la p\u00e1gina de Kibana. Las funciones de monitorizaci\u00f3n de Elastic Stack proporcionan una forma de mantener el pulso de la salud y el rendimiento de su cl\u00faster de Elasticsearch. La autenticaci\u00f3n con una instancia vulnerable de Kibana no es necesaria para visualizar la informaci\u00f3n expuesta. La exposici\u00f3n de la monitorizaci\u00f3n de Elastic Stack s\u00f3lo afecta a usuarios que han establecido cualquiera de los ajustes opcionales de monitoring.ui.elasticsearch.* para configurar Kibana como una interfaz de usuario remota para la monitorizaci\u00f3n de Elastic Stack. La misma vulnerabilidad en Kibana podr\u00eda exponer otra informaci\u00f3n no confidencial interna de la aplicaci\u00f3n en la fuente de la p\u00e1gina"}], "id": "CVE-2022-23711", "lastModified": "2024-11-21T06:49:09.447", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-04-21T19:15:08.947", "references": [{"source": "bressers@elastic.co", "tags": ["Vendor Advisory"], "url": "https://discuss.elastic.co/t/kibana-7-17-3-and-8-1-3-security-update/302826"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://discuss.elastic.co/t/kibana-7-17-3-and-8-1-3-security-update/302826"}], "sourceIdentifier": "bressers@elastic.co", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "bressers@elastic.co", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kibana: Exposure of Sensitive Information (ESA-2022-05)", "id": "2077601", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077601"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.2", "cvss3_scoring_vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N", "status": "draft"}, "cwe": "CWE-200->CWE-497", "details": ["A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance is not required to view the exposed information. The Elastic Stack monitoring exposure only impacts users that have set any of the optional monitoring.ui.elasticsearch.* settings in order to configure Kibana as a remote UI for Elastic Stack Monitoring. The same vulnerability in Kibana could expose other non-sensitive application-internal information in the page source.", "A flaw was found in Kibana that could result in an attacker exposing sensitive information related to Elastic Stack monitoring in the Kibana page source, if a user has set the optional monitoring.ui.elasticsearch.* settings. This could result in a loss of confidentiality and integrity."], "name": "CVE-2022-23711", "package_state": [{"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "openshift-logging/elasticsearch-rhel8-operator", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "openshift-logging/kibana6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Out of support scope", "package_name": "Kibana", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Out of support scope", "package_name": "Kibana", "product_name": "Red Hat JBoss Fuse Service Works 6"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Not affected", "package_name": "kibana", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Not affected", "package_name": "openshift3/ose-logging-kibana5", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-elasticsearch-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-logging-kibana6", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Not affected", "package_name": "puppet-kibana3", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Not affected", "package_name": "puppet-kibana3", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "puppet-kibana3", "product_name": "Red Hat OpenStack Platform 16.2"}], "public_date": "2022-04-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-23711\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-23711\nhttps://discuss.elastic.co/t/kibana-7-17-3-and-8-1-3-security-update/302826"], "threat_severity": "Important", "upstream_fix": "kibana 7.17.3, kibana 8.1.3"}